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(57) ABSTRACT 

A wireless data network includes a wireless packet switched 
data network for end users that divides mobility manage- 
ment into local, micro, macro and global connection han- 
dover categories and minimizes handoff updates according 
to the handover category. The network integrates MAC 
handoff messages with network handoff messages. The 
network separately directs registration functions to a regis- 
tration server and direct routing functions to inter-working 
function units. The network provides an intermediate XTun- 
nel channel between a wireless hub (also called access hub 
AH) and an inter-working function unit (IWF unit) in a 
foreign network, and it provides an IXT\innel channel 
between an inter-working function unit in a foreign network 
and an inter-working function unit in a home network. The 
network enhances the layer two tunneling protocol (L2TP) 
to support a mobile end system, and it performs network 
layer registration before the start of a PPP communication 
session. 
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FIG. 5 
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MOBILITY MANAGEMENT SYSTEM 

Priority beoefit of the Oct. 14, 1997 filing date of 
provisioDal application Ser. No. 60/061,915 is hereby 
claimed. 5 

BACKGROUND OF THE INVENTION 

1. Field of the Invention 

The present invention relates to the management of 
mobile end systems in a packet switched data network that 
provides computer users with remote access to the internet 
and to private intranets using virtual private network ser- 
vices over a high speed, packet switched, wireless data link. 
In particular, the invention relates to the management of 
connection handovers when a mobile end system moves 
from one cell to another. 

2. Description Of Related Art 

FIG. 1 depicts three business entities, whose equipment, 
working together typically provide remote internet access to 
user computers 2 through user modems 4. User computers 2 ^ 
and modems 4 constitute end systems. 

The first business entity is the telephone company (telco) 
that owns and operates the dial-up plain old telephone 
system (POTS) or integrated services data network (ISDN) 
network. The telco provides the media in the form of public 
switched telephone network (PSTN) 6 over which bits (or 
packets) can flow between users and the other two business 
entities. 

The second business entity is the internet service provider 
(ISP). The ISP deploys and manages one or more points of 30 
presence (POPs) 8 in its service area to which end users 
connect for network service. An ISP typically establishes a 
POP in each major local calling area in which the ISP 
expects to subscribe customers. The POP converts message 
traffic from the PSTN run by the telco into a digital form to '35 
be carried over intranet backbone 10 owned by the ISP or 
leased from an intranet backbone provider like MCI, Inc. An 
ISP typically leases fractional or fidl Tl lines or fractional or 
full T3 lines from the telco for connectivity to the PSTN. 
The POPs and the ISP's medium data center 14 are con- 40 
nected together over the intranet backbone through router 
12A> The data center houses the ISP's web servers, mail 
servers, accounting and registration servers, enabling the 
ISP to provide web content, e-mail and web hosting services 
to end users. Future value added services may be added by 45 
deploying additional types of servers in the data center. The 
ISP also maintains router 12A to connect to public internet 
backbone 20. In the current model for remote access, end 
users have service relationships with their telco and their ISP 
and usually get separate bills from both. End users access the 59 
ISP, and through the ISP, public internet 20, by dialing the 
nearest POP and running a communication protocol known 
as the Internet Engineering Task Force (IETF) point-to-point 
protocol (PPP). 

The third business entity is the private corporation which ss 
owns and operates its own private intranet 18 through router 
12 B for business reasons. Corporate employees may access 
corporate network 18 (e.g., from home or while on the road) 
by making POTS/ISDN calls to corporate remote access 
server 16 and running the IETF PPP protocol. For corporate eo 
access, end users only pay for the cost of connecting to 
corporate remote access server 16. The ISP is not involved. 
The private corporation maintains router 12B to connect an 
end user to either corporate intranet 18 or public internet 20 
or both. 55 

End users pay the telco for the cost of making phone calls 
and for the cost of a phone line into their home. End users 
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also pay the ISP for accessing the ISP's network and 
services. The present invention wiQ benefit wireless service 
providers like Sprint PCS, PrimeCo, etc. and benefit internet 
service providers like AOL, AT&T Worldnet, etc. 

Today, internet service providers offer internet access 
services, web content services, e-mail services, content 
hosting services and roaming to end users. Because of low 
margins and no scope of doing market segmentation based 
on features and price, ISPs are looking for value added 
services to improve margins. In the short term, equipment 
vendors will be able to offer solutions to ISPs to enable them 
to offer faster access, virtual private networking (which is 
the ability to iise public networks securely as private net- 
works and to connect to intranets), roaming consortiums, 
push technologies and quality of service. In the longer term, 
voice over internet and mobility will- also be offered. ISPs 
will use these value added services to escape from the low 
margin straitjacket. Many of these value added services fall 
in the category of network services and can be offered only 
through the network infrastructure equipment. Others fall in 
the category of application services which require support 
from the network infrastructure, while others do not require 
any support from the network infrastructure. Services like 
faster access, virtual private networking, roaming, mobility, 
voice, quality of service, quality of service based accounting 
all need enhanced network infrastructure. The invention 
described here will be either directly provide these enhanced 
services or provide hooks so that these services can be added 
later as future enhancements. Wireless service providers will 
be able to capture a larger share of the revenue stream. The 
ISP will be able to offer more services and with better market 
segmentation. 

SUMMARY OF THE INVENTION 

The present invention provide end users with remote 
wireless access to the public internet, private intranets and 
internet service providers. Wireless access is provided 
through base stations in a home network and base stations in 
foreign networks with interchange agreements. 

It is an object of the present invention to provide a 
wireless packet switched data network for end users that 
divides mobility management into local, micro, macro and 
global connection handover categories and minimizes hand- 
off updates according to the handover category. It is another 
object to integrate MAC handoff messages with network 
handoff messages. It is a further object of the present 
invention to separately direct registration functions to a 
registration server and direct routing functions to inter- 
working function units. It is yet another object to provide an 
intermediate XTunnel channel between a wireless hub (also 
called access hub AH) and an inter-working function unit 
(IWF unit) in a foreign network. It is yet another object to 
provide an IXTunnel channel between an inter-wbrking 
fimction unit in a foreign network and an inter-working 
function unit in a home network. It is yet another object to 
enhance the layer two tunneling protocol (L2TP) to support 
a mobile end system. It is yet another object to perform 
network layer registration before the start of a PPP commu- 
nication session. 

BRIEF DESCRIPTION OF DRAWINGS 
The invention will be described in detail in the following 

description of preferred embodiments with reference to the 

following figures wherein: 

FIG. 1 is a configuration diagram of a known remote 

access architecture through a public switched telephone 

network; 
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FIG. 2 is a configuration diagram of a remote access FIG. 21 is a configuration diagram of protocol stacks 

architecture through a wireless packet switched data net- showing communications between an end system in a for- 

work according to the present invention; eign network and a home registration server in a home 

FIG. 3 is a configuration diagram of selected parts of the network during the registration phase; 
architecture of the network of FIG. 2 showing a roaming 5 piG. 22 is a processing flow diagram showing the pro- 
scenario; cessing of accounting data through to the cxistomer billing 

FIG. 4 is a configuration diagram of a base station with system; 

local access points; FIGS. 23 and 24 are ladder diagrams depicting the reg- 

FIG. 5 is a configuration diagram of a base station with istration process for an end system in a home network and 

remote access points; ^° in a foreign network, re^ectively; 

FIG. 6 is a configuration diagram of a base station with FIGS. 25 and 26 are protocol stack diagrams depicting an 

remote access points, some of which are connected using a system cormection in a home network where a PPP 

wireless trunk connection; protocol terminates in an inter-working function of the home 

HG. 7 is a diagram of a protocol stack for a local access 15 ^^^^^ terminates in an ISP or 

PqIjjj. mtranet, respectively; 

HG. 8 is a diagram of a protocol stack for a remote access ^7 and 28 are protocol stack diagrams depicting an 

point with a wireless trunk; ^V^^^"^ connection in a foreign network where a PPP 

TTT/^ n-j- c ii*ir protocol terminates in an inter-working function of the 

FIG. 9 IS a diagram of a protocol stack for a relay function ^♦„.«,i, « j . ,u *u ddd * i * • * • 

in the base station for supporting remote access points with ^ foreign network and where the PPP protocol terminates in an 

wireless trunks; ISP or intranet, respectively; 

FIG. 10 is a diagram of protocol stacks for implementing ^ ^l^^' ^^.'^^ » l"^'^ 

the relay function depicted in FIG. 9; scenario, a micro handoff scenario and a macro 

CI/- 11 • J r . 1 • 1 r 1 /I handoff scenario, respectively; 

FIG. 11 IS a diagram ofprotocol stacks for a relay function ^i • i jj j- j • i u i i. j <x 

in the base station for supporting local access points; " a ladder diagram depictmg a global handoff 

„ .. J. r ^ f scenario where the foreign registration server changes and 

HG. 12 IS a configuration dia^am of elected parts of the ^j^^, ^^^^ inter-working function does not change; 

architecture of the network of FIG. 2 showmg a first end . , . , . ... , ^ , , „ ^ 

system registering in ihe home network from the home ^ ^ fl^'^f^'^^ "wT- ' ^ '^.f 

network and a Sicond system registering in the home 30 scenario where both the foreign registration server and the 

netwoikfromaforeignnetworknsingahomeinter-working ''""'^ inter-workmg function change; 

function for an anchor- FIGS. 34, 35 and 36 are functional flow charts depicting 

HG. 12 is a configuration diagram of selected parts of the ^^^^^^ 'f^''' ^^^^^^^ procedures according to the 

architecture of the network of FIG. 2 showing a first end P^^s^^t invention, 

system registering in the home network from the home 35 FIG. 37 is a functional flow chart depicting global handoff 

network and a second system registering in the home procedures according to the present invention when the 

network from a foreign network using a serving inter- inter-working function in the home network does not 

working function for an anchor; change; and 

HG. 14 is a ladder diagram of the request and response ^ * functional flow chart depicting global handoff 

messages to register in a home network from a foreign 40 procedures according to the present invention when the 

network and to establish, authenticate and configure a data mter-working function in the home network does change. 

DETAILED DESCRIPTION OF PREFERRED 

FIG. 15 is a configuration diagram of selected parts of the EMBODIMENTS 
architecture of the network of FIG. 2 showing registration 

requests and responses for registering a mobile in a home 45 The present invention provides computer users with 

network from the home network- remote access to the internet and to private intranets using 

HG. 16 is a configuration diagram of selected parts of the private network services over a high speed, packet 

architecture of the network of FIG. 2 showing registration T ^^^f.^ ^^^^^ ^^^^ ^"^^ ^^^^ ^^^^ 

requests and responses for registering a mobile in a home PuWic internet, pnvate mtranets and their mtemet service 

network from a foreign network; providers over a wireless hnk. The network supports 

™^ ^_ . r J- r X . . , roammg, that IS, the ability to access the mtcrnet and pnvate 

HG. 17 IS a configuration diagram of protocol stacks ^^^^^^ ^^^j ^^^^^ ^^^^^^^ 

Showmg communicaUons between an end system m a home ^^^^^ 

services offered by the present invention are 

network and an inter-workmg function m the home network ^^^^^^^ ^^^^^^^ ^ ^^^^^^ ^^^^^^ ^^^^ ^ 

where the cell site has local access pomts; ^^^^^ ^^^^^^ p^^^ attachment of the user to the 

HG. 18 is a configuration diagram of protocol stacks network witiiout disturbing the PPP link between the PPP 

showing communications between an end system in a home cUent and the PPP server. The networic targets users running 

network and an mter-working function in the home network horizontal internet and intranet applications. These appHca- 

where the ceU site has remote access points coupled to a tions include electronic mail, file transfer, browser based 

wireless hub through a wireless trunk; wWW access and other business applications buDt around 

FIG. 19 is a configuration diagram of protocol stacks the internet Because the network wfll be based on the IETF 

showing communications between a base station coupled to standards, it is possible to run streaming media protocols 

a roaming end system and a home inter-working function; tike RTP and conferencing protocols tike H.323 over it. 

FIG. 20 is a configuration diagram of protocol stacks Other internet remote access technologies that are already 

showing communications between an end system in a home 65 deployed or are in various stages of deployment include: 

network through an inter-working function in the home wire line dial-up access based on POTS and ISDN, XDSL 

network to an internet service provider; access, wireless circuit switched access based on GSM/ 
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CDMA/TDMA, wireless packet switched access based on intranets 46 or to internet service providers 46. Accounting 

GSM/CDMA/TDMA, cable modems, and satellite based and directory servers 48 in MSG 40 store accounting data 

systems. However, the present invention offers a low cost of and directory information. Element management server 50 

deployment, ease of maintenance, a broad feature set, manages the equipment which includes the base stations, the 

scaleability, an ability to degrade gracefully under heavy 5 IWFs and accounting/directory servers, 

load conditions and support for enhanced network services xhe accounting server will collect accoimting data on 

like virtual private networking, roaming, mobility and qual- tje^alf of users and send the data to the service provider's 

ity of service to the relative benefit of users and service billing system. The interface supported by the accounting 

providers. server will send accounting information in American Man- 

For wireless service providers who own personal com- lO agement Association (AMA) billing record format or any 

munications system (PCS) spectrum, the present invention other suitable billing format over a TCP/IP (transport control 

will enable them to offer wireless packet switched data protocol/internet protocol) transport to the billing system 

access services that can compete with services provided by (which is not shown in the figure), 

the traditional wire line telcos who own and operate the The network infrastructure provides PPP (point-to-point 

PSTN. Wireless service providers may also decide to 15 protocol) service to end systems. The network provides (1) 

become internet service providers themselves, in which fixed wireless access with roaming (log-in anywhere that the 

case, they will own and operate the whole network and wireless coverage is available) to end systems and (2) low 

provide end to end services to users. speed mobility and hand-offs. When an end system logs on 

For internet service providers tbe present invention will to a network, in it may request either fixed service (i,e., 

allow them to by-pass the telcos (provided they purchase or stationary and not requiring handoff services) or mobile 

lease the spectrum) and of[er direct end to end services to service (i.e., needing handoff services). An end system that 

users, perhaps saving access charges to the telcos, which does not specify fixed or mobile is regarded as specifying . 

may increase in the future as the internet grows to become mobile service. The actual registration of the end system is 

even bigger than it is now. the result of a negotiation with a home registration server 

Hie present invention is flexible so that it can benefit ^ based on requested level of service, the level of services 

wireless service providers who are not internet service subscribed to by the user of the end system and the facilites 

providers and who just provide ISP, internet or private available in the network. 

intranet access to end users. The invention can also benefit If the end system negotiates a fixed service registration 

service providers who provide wireless access and internet (i.e., not requiring handoff services) and the end system is 

services to end users. The invention can also benefit service located in the home network, an IWF (inter-working 

providers who provide wireless access and internet services function) is implemented in the base station to relay trafi&c 

but also allow the wireless portion of the network to be used between the end user and a communications server such as 

for access to other ISPs or to private intranets, a PPP server (i.e., the point with which to be connected, for 

In FIG. 2, end systems 32 (e.g., based on, for example, 35 example, an ISP PPP server or a corporate intranet PPP 

Win 95 personal computer) connect to wireless network 30 server or a PPP server operated by the wireless service 

using external or internal modems. These modems allow end provider to provide customers with direct access to the 

systems to send and receive meditun access control (MAC) public internet). It is anticipated that perhaps 80% of the 

frames over air link 34. External modems attach to the PC message traffic will be of this category, and thus, this 

via a wired or wireless link. External modems are fixed, and, ^ architecture distributes IWF processing into the base stations 

for example, co-located with roof top mounted directional avoids message traffic congestion in a central mobile 

antennae. External modems may be connected to the user's switching center. 

PC using any one of following means: 802.3, universal serial If the end system requests mobile service (from a home 

bus, parallel port, infra-red, or even an ISM radio link. network or a foreign network) or if the end system request 

Internal modems are preferably PCMCIA cards for laptops 45 roaming service (i.e., service from the home network 

and are plugged into the laptop's backplane. Using a small through a foreign network), two IWFs are established: a 

omni-directional antenna, they send and receive MAC serving IWF typically established in the base station of the 

frames over the air link. network to which the end system is attached (be it the home 

Wide-area wireless coverage is provided by base stations network or a foreign network) and a home IWF typically 

36. The range of coverage provided by base stations 36 50 estabUshed in mobile switching center MSC of the home 

depends on factors like link budget, capacity and coverage. network. Since this situation is anticipated to involve only 

Base stations are typically installed in ceU sites by PCS about 20% of the message traffic, the message traffic con- 

(personal communication services) wireless service provid- gestion around the mobile switching center is minimized, 

ers. Base stations multiplex end system traffic from their The serving IWF and the wireless hub may be co-located in 

coverage area to the system's mobile switching center 55 the same nest of computers or may even be programmed in 

(MSC) 40 over wire line or microwave backhaul network the same computer so that a timnel using an XT\innel 

38. protocol need not be established between the wireless hub 

The invention is independent of the MAC and PHY serving IWF. 

(physical) layer of the air link and the type of modem. The However, based on available facilities and the type and 

architecture is also independent of the physical layer and 60 quahty of service requested, a serving IWF in a foreign 

topology of backhaul network 38. The only requirements for network may alternatively be chosen from facilities in the 

the backhaul network are that it must be capable of routing foreign MSC. Generally, the home IWF becomes an anchor 

internet protocol (IP) packets between base stations and the point that is not changed during the commimications 

MSC with adequate performance. At Mobile Switching session, while the serving IWF may change if the end system 

Center 40 (MSC 40), packet data inter-working function 65 moves sufficiently. 

(IWF) 52 terminates the wireless protocols for this network. The base station includes an access hub and at least one 

IP router 42 connects MSC 40 to pub fie internet 44, private access point (be it remote or collocated with the access hub). 
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Typically, the access hub serves multiple access points. air link to the base station. The base station relays these 

While the end system may be attached to an access point by frames to the IWF in the MSG using the XTunnel protocol, 

a wire or cable according to the teachings of this invention, The IWF delivers them to a PPP server for processing. For 

in a preferred embodiment the end system is attached to the internet access, the PPP server may be in the same machine 

access point by a wireless "air link", in which case the access 5 as the IWF. For ISP or intranet access, the PPP server is in 

hub is conveniently referred to as a wireless hub. While the a private network and the IWF uses the layer two tunneling 

access hub is referred to as a "wireless hub" throughout the protocol (L2TP) to connect to it. 

description herein, it will be appreciated that an end system Jn the forward (down link) direction, PPP frames from the 

coupled through an access point to an access hub by wire or ppp server are relayed by the IWF to the base station using 

cable is an equivalent implementation and is contemplated 10 the XTunnel protocol. The base station de-tunnels down link 

by the term "access hub". frames and relays them over the air link to the end system, 

In the invention, an ead system includes an end user where they are processed by the end system's PPP layer, 

registration agent (e.g., software running on a computer of To support mobiUty, support for hand-offe are included, 

the end system, its modem or both) that communicates with The MAC layer assists the mobility management software in 

an access point, and through the access point to a wireless 15 station and the end system to perform hand-offs 

hub. efficiently. Hand-oflfe are handled transparently from the 

The wireless hub includes a proxy registration agent (e.g., peer PPP entities and the L2TP tunnel. If an end system 

software running on a processor in the wireless hub) acting moves from one base station to another, a new XTunnel is 

as a proxy for the end user registration agent. Similar created between the new base station and the original IWF. 

concepts used in, for example, the IETF proposed Mobile IP The old XTunnel from the old base station will be deleted, 

standard are commonly referred to as a foreign agent (FA). PPP frames will transparently traverse the new path. 

For this reason, the proxy registration agent of the present The network supports roaming (i.e., when the end user 

invention will be referred to as a foreign agent, and aspects connects to its home wireless service provider through a 

of the foreign agent of the present invention that differ fix)m foreign wireless service provider). Using this feature, end 

the foreign agent of Mobile IP are as described throughout ^ systems are able to roam away from the home network to a 

this description. foreign network and still gpt service, provided of course that 

Using the proxy registration agent (i.e., foreign agent FA) the foreign wireless service provider and the end system's 
in a base station, the user registration agent of an end system home wireless service provider have a service agreement, 
is able to discover a point of attachment to the network and In FIG. 3, roaming end system 60 has traveled to a 
register with a registration server in the MSG (mobile location at which foreign wireless service provider 62 pro- 
switching center) of the home network. The home registra- vides coverage. However, roaming end system 60 has a 
tion server determines the availability of each of the plural subscriber relationship with home wireless service provider 
inter-working function modules (IWFs) in the network 70. In the present invention, home wireless service provider 
(actually software modules that run on processors in both the 70 has a contractual relationship with foreign wireless 
MSG and the wireless hubs) and assigns IWF(s) to the service provider 62 to provide access services. Therefore, 
registered end system. For each registered end system, a roaming end system 60 connects to base station 64 of foreign 
tunnel (using the XTMnnel protocol) is created between the wireless service provider 62 over the air link. Then, data is 
wireless hub in the base station and an inter-working func- relayed from roaming end system 60 through base station 
tion (IWF) in the mobile switching center (MSG), this tunnel ^ 64, through serving IWF 66 of foreign wireless service 
transporting PPP frames between the end system and the provider 62, to home IWF 72 of home wireless service 
IWF. provider 70, or possibly through home IWF 72 of home 

As used herein, the XTunnel protocol is a protocol that wireless service provider 70 to internet service provider 74. 

provides in-sequence transport of PPP data frames with flow An inter-service provider interface, called the I -interface, 

control. This protocol may run over standard IP networks or 45 is used for communications across wireless service provider 

over point-to-point networks or over switched networks like (WSP) boundaries to support roaming. This interface is ii&ed 

ATM data networks or frame relay data networks. Such for authenticating, registering and for transporting the end 

networks may be based on Tl or T3 links or based on radio system's PPP frames between the foreign WSP and the home 

links, whether land based or space based. The XTunnel WSP. 

protocol may be built by adapting algorithms from L2TP 5Q ppp frames in the up link and the down link directions 

(layer 2 tunneling protocol). In networks based on links travel through the end system's home wireless service 

where lost data packets may be encountered, a provider (WSP). Alternatively, PPP frames directly transit 

re-transmission feature may be a desirable option. from the foreign WSP to the destination network. The base 

The end system's PPP peer (i.c., a communications station in the foreign WSP is the end system's point of 

server) may reside in the IWF or in a corporate intranet or 55 attachment in the foreign network. This base station sends 

ISP's network. When the PPP peer resides in the IWF, an end (and receives) PPP frames to (and from) a serving IWF in the 

system is provided with direct intemet access. When the PPP foreign WSP's mobile switching center. The serving IWF 

peer resides in an intranet or ISP, an end system is provided connects over the 1-interface to the home IWF using a layer 

with intranet access or access to an ISP. In order to support two tunnel to transport the end system's PPP frames in both 

intranet or ISP access, the IWF uses the layer two tunnehng so directions. The serving IWF in the foreign WSP collects 

protocol (L2TP) to connect to the intranet or ISP's PPP accounting data for auditing. The home IWF in the home 

server. From the point of view of the intranet or ISP's PPP WSP collects accounting data for billing, 

server, the IWF looks like a network access server (NAS). The serving IWP in the foreign WSP may be combined 

PPP traffic between the end system and the IWF is relayed with the base station in the same system, thus eliminating the 

by the foreign agent in the base station. 55 need for the X-Tunnel. 

In the reverse (up Unk) direction, PPP frames traveling During the registration phase, a registration server in the 

from the end system to the IWF are sent over the MAG and foreign WSP determines the identity of the roaming end 
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system's home network Using this information, the foreign 
registration server communicates with the home registration 
server to authenticate and register the end system. These 
registration messages flow over the I-interface, Once the end 
system has been authenticated and registered, a layer two 5 
tunnel is created between the base station and the serving 
IWF using the XTUNNEL protocol and another layer two 
tunnel is created between the serving IWF and the home 
IWF over the I-X tunnel. The home IWF connects to the end 
system's PPP peer as before, using L2TP (layer 2 tunneUng 
protocol). During hand-oflfe, the location of the home IWF 
and the L2TP tunnel remains fixed. As the end system moves 
from one base station to another base station, a new tunnel 
is created between the new base station and the serving IWF 
and the old tunnel between the old base station and the 
serving IWF is deleted. If the end system moves far enough, 
so that a new serving IWF is needed, a new I-X tunnel will 
be created between the new serving IWF and the home IWF. 
The old tunnel between the old serving and the home will be 
deleted. 

To support roaming, the I-interface supports 
authentication, registration and data transport services 
across wireless service provider boundaries. Authentication 
and registration services are supported using the IETF 
Radius protocol. Data transport services to transfer PPP 25 
frames over a layer two tunnel are supported using the 
I-Xunnel protocol. This protocol is based on the IETF L2TP 
protocol. 

As used in this description, the term home IWF refers to 
the IWF in the end system's home network. The term 30 
serving IWF refers to the IWP in the foreign network which 
is temporarily providing service to the end system. 
Similarly, the term home registration server refers to the 
registration server in the end system's home network and the 
term foreign registration server refers to the registration 35 
server in the foreign network through which the end system 
registers while it is roaming. 

The network supports both fixed and dynamic IP address 
assignment for end systems. There are two types of IP 
addresses that need to be considered. The first is the identity 40 
of the end system in its home network. This may be a 
structured user name in the format user@domain. This is 
different from the home IP address used in mobile IP. The 
second address is the IP address assigned to the end system 
via the PPP IPC address protocol. The domain sub -field of 45 
the home address is used to identify the user's home domain 
and is a fully quahfied domain name. The user sub-field of 
the hime address is used to identify the user in the home 
domain. The User-Name is stored on the end system and in 
the subscriber data-base at the MSG and is assigned to the 50 
user when he or she subscribes to the service. The domain 
sub-field of the User-Name is used during roaming to 
identify roaming relationships and the home registration 
server for purposes of registration and authentication. 
Instead of the structured user name, another unique identifier 55 
may be used to identify the user's home network and the 
user's identity in the home network. This identifier is sent in 
the registration request by the end system. The PPP IPCP is 
used to negotiate the IP address for the end system. Using IP 
configuration protocol IPCP, the end system is able to eo 
negotiate a fixed or dynamic IP address. 

Although the use of the structured user-name field and the 
non-use of an IP address as the home address is a feature that 
characterizes the present invention over a known mobile IP, 
the network may be enhanced to also support end systems 65 
that have no user-name and only a non-nuU home IP address, 
if mobile IP and its use in conjunction with PPP end systems 



becomes popular. The PPP server may be configured by the 
service provider to assign IP addresses during the IPCP 
address assignment phase that are the same as the end 
system's home IP address. In this case, the home address and 
the IPCP assigned address will be identical. 

In FIG. 4, base station 64 and air links from end systems 
form wireless sub-network 80 that includes the air links for 
end user access, at least one base station (e.g., station 64) 
and at least one backhaul network (e.g., 38 of FIG. 2) from 
the base station to MSG 40 (FIG.2). The wireless sub- 
network architecture of, for example, a 3-sectored base 
station includes the following logical fiinctions. 

1. Access point function. Access points 82 perform MAC 
layer bridging and MAC layer association and disso- 
ciation procedures. An access point includes a proces- 
sor (preferably in the form of custom application spe- 
cific integrated circuit ASIC), a link to a wireless hub 
(preferably in the form of an Ethemet link on a card or 
built into the ASIC), a link to an antenna (preferably in 
the form of a card with a data modulator/demodulator 
and a transmitter/receiver), and the antenna to which 
the end system is coupled. The processor runs software 
to perform a data bridging function and various other 
functions in support of registration and mobility han- 
dovers as further described herein. See discussion with 
respect to FIGS. 7, 8 and 11. 

Access points (APs) take MAC layer fi-ames from the 
air link and relay them to a wireless hub and vice 
versa. The MAC layer association and disassociation 
procedures are used by APs to maintain a list of end 
system MAC addresses in their MAC address filter 
table. An AP will only perform MAC layer bridging 
on behalf of end systems whose MAC addresses are 
present in the table. An access point and its associ- 
ated wireless hub are typically co-located. In its 
simpliest form, an access point is just a port into a 
wireless hub. When the APs and the wireless hub ire 
co-located in the same cell site, they may be con- 
nected together via a IEEE 802.3 link. Sometimes, 
access points are located remotely from the wireless 
hub and connected via a long distance link like a 
wired Tl trunk or even a wireless trunk. For multi- 
sector cells, multiple access points (Le., one per 
sector) are used. 

2, Wireless hub function. Wireless hub 84 performs the 
foreign agent (FA) procedures, backhaul load balancing 
(e.g., over multiple Tl's), backhaul network 
interfacing, and the xtunnel procedures. When support 
for quality of service (QOS) is present, the wireless hub 
implements the support for QOS by running the xtunnel 
protocol over backhauls with different QOS attributes. 
In a multi-sector cell site, a single wireless hub function 
is typically shared by multiple access points. 

A wireless hub includes a processor, a link to one or 
more access points (preferably in the form of an 
Ethemet link on a card or built into an ASIC), and a 
link to a backhaul line. The backhaul line is typically 
a Tl or T3 communications line that terminates in 
the mobile switching center of the wireless service 
provider. The link to the backhaul fine formats data 
into a preferred format, for example, an Ethernet 
format, a frame relay format or an ATM format. The 
wireless hub processor runs software to support data 
bridging and various other functions as described 
herein. See discussion with respect to FIGS. 9, 10 
and 11. 
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The base station design supports the following types of cell 
architectures. 

1. Local AP architecture. In a local AP architecture, access 
points have a large (>=2 km, typically) range. They are 
co-located in the cell site with the wireless hub (FIG. 
4). Access points may be connected to the wireless hub 
using an IEEE 802.3 network or may be directly 
plugged into the wireless hub's backplane or connected 
to the wireless hub using some other mechanism (e.g. 
universal serial bus, printer port, infra-red, etc.). It will 
be assumed that the first alternative is used for the rest 
of this discussion. The cell site may be omni or sectored 
by adding multiple access points and sectored antennas 
to a wireless hub. 

2. Remote AP architecture. In a remote AP architecture, 
access points usually have a very small range, typically 
around 1 km radius. They are located remotely (either 
indoors or outdoors) from the wireless hub. ATI or a 
wireless trunk preferably links remote access points to 
the cell site where the wireless hub is located. From the 
cell site, a wire line backhaul or a microwave link is 
typically used to connect to the IWF in the MSC. If 
wireless trunking between the remote AP and the 
wireless hub is used, omni or sectored wireless radios 
for trunking are utilized. The devices for trunking to 
remote access points are preferably co-located with the 
wireless hub and may be conneaed to it using an IEEE 
802.3 network or may be directly plugged into the 
wireless hub's backplane. These devices will be 
referred to by the term trunk AP. 

3. Mixed AP architecture. In a mixed architecture, the 
wireless sub-network will have to support remote and 
local access points. Remote access points may be added 
for hole filling and other capacity reasons. As described 
earlier, Tl or wireless trunks may be used to connect 
the remote AP to the wireless hub. 

FIG. 5 shows a cell with three sectors using local APs 
only. The access points and the wireless hub are co -located 
in the base station and are connected to each other with 
802.3 links. 

FIG. 6 shows an architecture with remote access points 82 
connected to wireless hub 84 using wireless trunks 86. Each 
trunk access point in the base station provides a point to 
multi-point wireless radio link to the remote micro access 
points (R-AP in figure). The remote access points provide air 
hnk service to end systems. The wireless hub and the trunk 
access points are co-located in the base station and con- 
nected together via 8023 links. This figure also shows 
remote access points 82R connected to the wireless hub via 
point to point Tl links. In this scenario, no trunk APs are 
required. 

To support all of the above cell architectures and the 
different types of access points that each cell might use, the 
network architecture follows the following rules: 

1. Access points function as MAC layer bridges. Remote 
access points perform MAC bridging between the air 
Hnk to the end systems and the wireless or Tl trunk to 
the cell site. Local access points perform MAC bridg- 
ing between the air link to the end systems and the 
wireless hub. 

2. Trunk access points also function as MAC layer 
bridges. They perform MAC bridging between the 
trunk (which goes to the access points) and the wireless 
hub. 

3. The wireless hub is connected to all co-located MAC 
bridges (i.e. local access points or trunk access points) 
using a 8023 link initially. 



Additionally, where local access points or remote access 
points with Tl trunks are used, the following rules are 
followed. 

1. Local access points are co-located with the wireless hub 
and connected to it using point to point 802.3 links or 
a shared 802,3 network. Remote access points are 
connected to the wireless hub using point to point Tl 
trunks. 

2. SectorizatioD is supported by adding access points with 
sectored antennas to the cell site. 

3. For each access point connected to the wireless hub, 
there is a foreign agent executing in the wireless hub 
which participates in end system registration. MAC 
layer association procedures are used to keep the MAC 
address filter tables of the access points up to date and 
to perform MAC layer bridging efficiently. Tlie wire- 
less hub participates in MAC association functions so 
that only valid MAC addresses are added to the MAC 
address filter tables of the access points. 

4. The wireless hub relays frames from the access points 
to the MSC IWF and vice versa using the xtunnel 
protocol unless the IWF is co-located with the wireless 
hub. The MAC address filter table is used to filter out 
those unicast MAC data frames whose MAC addresses 
are not present in the table. The APs always forward 
MAC broadcast frames and MAC frames associated 
with end system registration functions regardless of the 
contents of the MAC address filter table, 

5. Local access points use ARP to resolve MAC addresses 
for routing IP traffic to the wireless hub. Conversely, 
the wireless hub also uses ARP to route IP packets to 
access points. UDP/IP is used for network management 
of access points. 

6. Remote access points connected via Tl do not use ARP 
since the link will be a point to point Hnk. 

7.. Support for hand-oflBs is done with assistance from the 
MAC layer. 

In a cell architecture using wireless trunks and trunk APs, 
40 the following rules are followed. 

1. Trunk access points are co-located with the wireless 
hub and connected to it using point to point 802.3 links 
or other suitable means. 

2. Wireless trunk sectorization is supported by adding 
trunk access points with sectored antennas to the cell 
site. 

3. Hand-offe across backhaul sectors are done using the 
foreign agent in the wireless hub. For each backhaul 
sector, there is a foreign agent executing in the wireless 
hub. 

4. The trunk APs do not need to participate in MAC layer 
end system association and hand off procedures. Their 
MAC address filter tables will be dynamically pro- 
grammed by the wireless hub as end systems register 
with the network. The MAC address filter table is used 
to filter out unicast MAC frames. Broadcast MAC 
frames or MAC frames containing registration packets 
are aUowed to always pass through. 

5. Trunk APs use ARP to resolve MAC addresses for 
routing IP traffic to the wireless hub. Conversely, the 
wireless hub use ARP to route IP packets to trunk APs, 
UDP/IP is used for network management of trunk APs. 

6. In a single wireless trunk sector, MAC association and 
hand-oflk from one access point to another is done 
using the MAC layer with the assistance of the foreign 
agent in the wireless hub. Using these MAC layer 
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procedures, end systems associate with access points. 
As end systems move from one access point to another 
access point, the access points will use a MAC hand off 
protocol to update their MAC address filter tables. The 
wireless hub at the cell site provides assistance to 5 
access points to perform this function. This assistance 
includes relaying MAC layer hand off messages (since 
access points will not be able to commTinicate directly 
over the MAC layer with each other) and authenticating 
the end system for MAC layer registration and hand off 
and for updating the MAC address filter tables of the 
access points. 

7. The foreign agent for a wireless trunk sector is respon- 
sible for relaying frames from its trunk AP to the MSC 
and vice versa using the xtunnel protocol. Thus, the 15 
foreign agent for a trunk AP does not care about the 
location of the end system with respect to access points 
within that wireless trunk sector. In the down link 
direction, it just forwards frames firom the tunnel to the 



point Unk so that one trunk may be used to communicate 
with many remote APs in the same sector. 

The wireless hub bridges the trunk to the remote APs and 
the backhaul line (e.g., Tl or T3) to the network's mobile 
switching center (MSG). The protocol stack in the wireless 
hub implements MAC and PHY layers to the MSC on top of 
which is implemented an IP layer (Internet Protocol) on top 
of which is implemented a UDP layer (Universal Datagram 
Protocal, in combination refered to as UDP/IP) for network 
management on top of which is implemented an XTunnel 
protocol. The XTunnel protocol is a new format that 
includes aspects of mobility (e.g. as in mobile IP) and 
aspects of the Layer 2 Tunnel Protocol (L2TP). The XTunnel 
protocol is used to communicate from the wireless hub to the 
MSC and between inter-working functions (IWFs) in dif- 
ferent networks or the same network. 

In FIG. 10, the protocol stack for the relay function in the 
base station for supporting remote access points is shown. 
The relay function includes an interface to the backhaul line 



appropriate trunk AP which uses MAC layer bridging 20 (depicted as the wireless hub) and an interface to the remote 



to send the frames to all the remote access points 
attached in that backhaul sector. The access points 
consult their MAC address filter tables and either 
forward the MAC frames over the access network or 
drop the MAC frames. As described above, the MAC 25 
address filter tables are kept up to date using MAC 
layer association and hand off procedwes. In the up link 
direction, MAC frames are forwarded by the access 
points to the backhaul bridge which forwards them to 
the foreign agent in the wireless hub using the 802.3 30 
link. 

8. ARP is not be used for sending or receiving IP packets 
to the remote access points. The trunk access points 
determines the MAC address of the wireless hub using 
BOOTP procedures. Conversely, the wireless hub is 35 
configured with the MAC address of remote access 
points. UDP/IP is used for network management of 
access points and for end system association and hand 
off messages. 

IEEE 802.3 links in the cell site may be replaced by higher 40 
speed hnks. 

FIG. 7 shows the protocol stack for a local access point. 
At the base of the stack is physical layer PHY Physical layer 
PHY carries data to and from an end system over the air 
using radio waves as an example. When received from an 45 
end system, the AP receives data fi*om the physical layer and 
unpacks it from the MAC frames (the MAC layer). The end 
system data frames are then repacked into an Ethernet 
physical layer fomat (IEEE 8023 format) where it is sent via 
the Ethernet link to the wireless hub. When the AP's 50 
processor receives data from the wireless hub via its Ether- 
net link (i.e., the physical layer), the data to be transmitted 
to an end system, the AP packs the data in a medium access 
control (MAC) format, and sends the MAC layer data to its 
modulator to be transmitted to the end system using the PHY 55 
layer. 

In FIG. 8, the MAC and PHY layers to/from the end 
system of FIG. 7 are replaced by a MAC and PHY for the 
trunk to the cell site for a remote access point. Specifically, 
for a Tl trunk, the high level data link control protocol 60 
(HDLC protocol) is preferably used over the Tl. 

FIG. 9 depicts the protocol stack for the wireless hub that 
bridges the backhaul line and the trunk to the remote access 
point. The trunk to the remote APs are only required to 
support remote access points (as distinct from Ethernet 65 
coupled access points). The MAC and PHY layers for the 
wireless trunk to the remote APs provide a point to multi- 



AP (depicted as a trunk AP). From the point of view of the 
wireless hub, the trunk AP (depicted in FIG. 10) actually 
behaves like the AP depicted in FIG. 7. Preferably, the base 
station protocol stacks are split up into a wireless hub and a 
trunk AP with an Ethernet in between. In an N-sector 
wireless trunk, there are N wireless trunk APs in the cell site 
and one wireless hub. 

In FIG. 11, the base station protocol stack for a cell 
architecture using a local AP is shown. The relay function 
includes an interface to the backhaul line (depicted as the 
wireless hub) and an air link interface to the end system 
(depicted as an AP). From the point of view of the wireless 
bub, the AP (depicted in FIGS. 8 and 11) actually behaves 
like the trunk AP depicted in FIG. 8. Preferably, the base 
station protocol stacks are spUt up into a wireless hub and a 
trunk AP with an Ethernet in between. In a N-sector cell, 
there are N access points and a single wireless hub. 

The backhaul network from the base station to the MSC 
has the following attributes. 

1. The network is capable of routing IP datagrams 
between the base station and the MSC. 

2. The network is secure. It is not a public internet. Traffic 
from trusted nodes only are allowed onto the network 
since the network will be used for not only transporting 
end system traffic, but also for transporting 
authentication, accounting, registration and manage- 
ment traffic. 

3. The network has the necessary performance character- 
istics. 

4. Base stations support IP over Ethernet links. 

In typical application, the service provider is responsible for 
installing and maintaining the backhaul network on which 
the equipment is installed. 

The base stations supports the following backhaul inter- 
faces for communicating with the MSC. 

1. Base stations support IP over PPP with HDLC links 
using point to point Tl or fractional T3 links. 

2. Base stations support IP over frame relay using Tl or 
fractional T3 links. 

3. Base stations support IP over AAL5/ATM using Tl or 
fractional T3 links. 

Since all of the above interfaces are based on IETF 
standard encapsulations, commercial routers may be used in 
the MSC to terminate the physical links of the backhaul 
network. Higher layers are passed on and processed by the 
various servers and other processors. 
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End system registration procedures above the MAC layer over potentially long distances from the foreign network to 

are supported. In the following, end system registration the home network 

procedures at the MAC layer are ignored except where they For example, consider a case of a user who roams from 

impact the layers above. Chicago to Hong Kong. If the user's home network is in 

End systems may register for service on their home 5 Chicago and the user registers using a wireless service 

network or from a foreign network. In both scenarios, the provider in Hong Kong, then in the first configuration, the 

end system uses a foreign agent (FA) in the base station to anchor point will be the home IWF in Chicago and all data 

discover a point of attachment to the network and to register, will have to be relayed from Hong Kong to Chicago and vice 

In the former case, the FA is in the end system's home versa. The home IWF in Chicago will connect to the user's 

network. Id the latter case, the FA is in a foreign network. In lo ISP in Chicago. With the second configuration, the end 

either case, the network uses an IWF in the end system's system Tiser will be assigned an ISP in Hong Kong. Thus, 

home network as an anchor point (Le., unchanging through- data will not always have to be relayed back and forth 

out the session in spite of mobility), PPP frames to and from between Chicago and Hong Kong. In the second 

the end system travel via the FA in the base station to the configuration, the serving IWF will serve as the anchor and 

IWF in the home network. If the end system is at home, the 15 never change for the duration of the session even if the end 

home IWF is directly connected by means of the xtunnel system moves. However, the location of the FA may change 

protocol to the base station. Note that the home IWF may be as a result of end system movement in Hong Kong, 

combined with the base station in the same node. If the end FIG. 13 shows the second network configuration. In this 

system is roaming, a serving IWF in the foreign network is figure, the home network for end system A and B is WSP-A. 

connected to the home IWF over an I-interface. The serving 20 End system A registers from its home network, using its 

IWF relays frames between the base station and the home home IWF as an anchor point, and also connects to its ISP-A 

IWF. Note that the serving IWF may also be combined with using the ISPs PPP server. End system B registers from the 

the base station in the same node. From the home IWF, data foreign network of WSP-B and iises a serving IWF which 

is sent to a PPP server which may reside in the same IWF serves as the anchor point and connects the end system to an 

or to a separate server using the L2TP protocol. The separate 25 ISP using the ISP's PPP server. In this configuration, data for 

server may be owned and operated by a private network end system B does not have to be relayed from the foreign 

operator (e.g. ISP or corporate intranet) who is different network to the home network and vice versa, 

from the wireless service provider. For the duration of the In order for this configuration to work, not only must there 

session, the location of the home IWF and the PPP server be roaming agreements between the home and the foreign 

remains fixed. If the end system moves while connected, it 30 wireless service providers, but there also must be agree- 

will have to re -register with a new foreign agent. However, ments between the foreign wireless service provider and the 

the same home IWF and PPP server continues to be used. A end system's internet service provider directly or through an 

new xtuimel is created between the new FA and the IWF and intermediary. In the example above, not only must the 

the old xtunnel between the old foreign agent and the IWF wireless service provider in Hong Kong have a biisiness 

is destroyed. 35 agreement with the wireless service provider in Chicago, but 

FIG. 12 shows this network configuration for two end the WSP in Hong Kong must have a business agreement 

systems A and B, both of whose home wireless network is with the user's Chicago ISP and access to the Chicago ISPs 

wireless service provider A (WSP-A). One end system is PPP server in Hong Kong or a business agreement with 

registered from the home wireless network and the other another ISP locally in Hong Kong who has a business 

from a foreign wireless network. The home IWF in WSP-A 40 agreement for roaming with the user's Chicago ISP. 

serves as the anchor point for both end systems. For both end Additionally, the WSP in Hong Kong must be able to 

systems, data is relayed to the home IWF. The home IWF discover these roaming relationships dynamically in order to 

connects lo an internet service provider's PPP server owned do user authentication and accounting and to set up the 

by ISP-A. Here it is assumed that both end systems have appropriate tunnels. 

subscribed to the same ISP. If that were not the case, then the 45 It is difficult for those companies who are in the Internet 

home IWF would be shown also connected to another ISP infrastructure business to work out suitable standards in the 

Within a wireless service providers network, data between IETF for all of these scenarios. Thus, a preferable embodi- 

base stations and the IWF is carried using the xtunnel ment for the present invention is to implement the simpler, 

protocol. Data between the IWF and the PPP server is potentially less efficient configuration, where the IWF in the 

carried using Layer 2 TUimeling Protocol (L2TP). Data 50 home network is always used as the anchor point. However, 

between the serving IWF and the home IWF is carried using in the presence of suitable industry standardization of pro- 

the I-xtunnel protocol. tocols for Internet roaming, the second configuration should 

In a simple scenario, for a user in their home network be regarded as equivalent or alternative embodiment, 

requiring fixed service, the home IWF function may be An end system will have to register with the wireless 

dynamically actuated in the base station. Also, the serving ss network before it can start PPP and send and receive data. 

IWF function may be activated for a roaming user in the The end system first goes through the FA discovery and 

base station. registration phases. These phases authenticate and register 

Always using an IWF in the home network has its the end system to the wireless service provider Once these 

advantages and disadvantages. An obvious advantage is phases are over, the end system starts PPP. This includes the 

simpUcity. A disadvantage is that of always having to relay so PPP link establishment phase, the PPP authentication phase 

data to and from a possibly remote home IWF. The alter- and the PPP network control protocol phase. Once these 

native is to send all the necessary information to the serving phases are over, the end system is able to send and receive 

IWF so that it may connect to the end system's ISP/intranet IP packets using PPP. 

and for the serving IWF to send accounting information in The following discussion assumes that the end system is 

near real time back to the accounting server in the home 65 roaming and registering from a foreign network. During the 

network. This functionaUty is more complex to implement, FA discovery phase, the end system (through its user reg- 

but more efficient because it reduces the need to relay data istration agent) waits for or solicits an advertisement from 
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the foreign agent. The user registration agent uses adver- 
tisement messages sent by a near by foreign agent to 
discover the identity of the FA and to register. During this 
phase, the user registration agent of the end system selects 
a FA and issues a registration request to it. The FA acting as 
a proxy registration agent forwards the registration request 
to its registration server (the registration server in the foreign 
WSP). The registration server uses User-Name from the user 
registration agent's request to determine the end system's 
home network, and forwards the registration request for 
authentication to a registration server in the home network. 
Upon receiving the registration request relayed by the for- 
eign registration server, the home registration server authen- 
ticates the identity of the foreign registration server and also 
authenticates the identity of the end system. If authentication 
and registration succeeds, the home registration server 
selects an IWF in the home network to create an I-xtunnel 
link between the home IWF and the serving IWF (in the 
foreign WSP). The IWF in the home network serves as the 
anchor point for the duration of the PPP session. 

Once the authentication and registration phases are over, 
the various PPP phases will be started. At the start of PPP, 
an L2TP connection is created between the home IWF and 
requested ISP/intranet PPP server. In the PPP authentication 
phase, PPP passwords using PAP or CHAP are exchanged 
and the ISP or intranet PPP server independently authenti- 
cates the identity of the end system. 

Once this succeeds, the PPP network control phase is 
started. In this phase, an IP address is negotiated and 
assigned to the end system by the PPP server and the use of 
TCP/IP header compression is also negotiated. When this is 
complete, the end system is able to send and receive IP 
packets using PPP to its ISP or a corporate intranet. 

Note that two levels of authentication are perfonmed. The 
first authentication authenticates the identity of the end 
system to the registration server in the home network and the 
identities of the foreign network and the home network to 
each, other. To perform this function, the foreign agent 
forwards the end system's registration request using, for 
example, an IETF Radius protocol to a registration server in 
its local MSC in a Radius Access-Request packet. Using the 
end system's domain name, the foreign registration server 
determines the identity of the end system's home network 
and home registration server, and acting as a Radius proxy, 
encapsulates and forwards the request to the end system's 
home registration server. If the foreign registration server 
cannot determine the identity of the end system's home, it 
may optionally forward the Radius request to a registration 
server that acts like a broker (e.g. one that is owned by a 
consortium of wireless service providers), which can in turn 
proxy the Radius Access-Request to the final home regis- 
tration server. If the local registration server is unable to 
service the registration request locally or by proxying, then 
it rejects the foreign agent's registration request and the 
foreign agent rejects the end system's registration request. 
Upon receiving the Radius Access-Request, the home reg- 
istration server performs the necessary authentication of the 
identities of the foreign network and the end system. If 
authentication and registration succeeds, the home registra- 
tion server responds with a Radius Access-Response packet 
to the foreign registration server which sends a response to 
the foreign agent so that a round trip can be completed. The 
registration request is rejected if the home registration server 
is unable to comply for any reason. 

The second level of authentication verifies the identity of 
the end system to the intranet or ISP PPP server. PPP 
authentication, separate from mobility authentication allows 
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the infrastructure equipment to be deployed and owned 
separately from the ISP. 

FIG. 14 is a ladder diagram showing the registration 
sequence for a roaming end system. It is assumed that the 

5 PPP server and the home IWF are in the same server and 
L2TP is not required. Note the interactions with accounting 
servers to start accounting on behalf of the registering end 
system and also directory servers to determine the identity of 
the home registration server and to authenticate the end 
system's identity. More information on accounting, billing, 
roaming (between service providers) and settlement will be 
provided below. 

MAC layer messages from the user registration agent of 
the end system may be used to initiate Agent Solicitation. 
The MAC layer messages are not shown for clarity, 

1^ In FIG. 14, the end system (mobile) initially solicits an 
advertisement and the foreign agent replies with an adver- 
tisement that provides the end system with information 
about the network to which the foreign agent belongs 
including a care-of-addrcss of the foreign agent. 

20 Alternatively, this phase may be removed and all network 
advertisements may be done by a continuously emitted 
MAC layer beacon message. In this case, the network is 
assumed to be a foreign wireless service provider. Then, a 
user registration agent (in the end system) incorporates the 

25 information about the foreign agent (including the user name 
and other security credentials) and its network into a request 
and sends the request to the foreign agent. The foreign agent, 
as a proxy registration agent, relays the request to the foreign 
registration server (i.e., the registration server for the foreign 

30 wireless service provider. Then, the foreign registration 
server, recognizing that it is not the home directory, accesses 
the foreign directory server with the FDD in the foreign 
wireless service provider to leam how to direct the regis- 
tration request to the home registration server of the wireless 

35 service provider to which the end system belongs. The 
foreign registration server responds with the necessary for- 
warding infonnatioQ. Then, the foreign registration server 
encapsulates the end system's registration request in a 
Radius access request and relays the encapsulated request to 

40 the home registration server of the wireless service provider 
to which the end system belongs. The home registration 
server accesses the home directory server with the HDD of 
the home registration server to learn at least authentication 
information about the foreign service provider. Optionally, 

45 the home registration server accesses the subscriber's direc- 
tory to learn detail subscriber service profile information 
(e.g., quality of service options subscribed to, etc.). When all 
parties are authenticated, the home registration server sends 
a start IWF request to the home IWF and PPP server. The 

50 home IWF and PPP server starts the home accounting server 
and then sends a start IWF response to the home registration 
server. The home registration server then sends a Radius 
access response to the foreign registration server. The for- 
eign registration server then sends a start IWF request to the 

55 serving IWF server. The serving IWF server starts the 
serving accounting server and then sends a start IWF 
response to the foreign registration server. The foreign 
registration server sends a registration reply to the foreign 
agent, and the foreign agent relays the registration reply to 

60 the end system. 

A link control protocol (LCP) configuration request is 
send by the end system through the foreign registration 
server to the home IWF and PPP server. The home IWF and 
PPP server sends an LCP configuration acknowledgment 

65 through the foreign registration server to the end system. 
Similarly, a password authentication protocol (PAP) 
authentication request is sent to and acknowledged by the 
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home IWF and PPP server Alternatively, a challenge 
authentication protocol (CHAP) may be xised to authenti- 
cate. Both protocols may be used to authenticate or this 
phase may be skipped. 

Similarly, an IP configuration protocol (IPCP) configure 
request is sent to and acknowledged by the home IWF and 
PPP server. 

The connection to the end system may be terminated 
because of any one of the following reasons. 

1. User initiated termination. Under this scenario, the end 
system first terminates the PPP gracefully. This 
includes terminating the PPP network control protocol 
(IPCP) followed by terminating the PPP link protocol. 
Once this is done, the end system de-registers from the 
network followed by termination of the radio link to the 
access point. 

2. Loss of wireless link. This scenario is detected by the 
modem and reported to the modem driver in the end 
system. The upper layers of the software are notified to 
terminate the stacks and notify the user. 

3. Loss of connection to the foreign agent. This scenario 
is detected by the mobility driver in the end system. 
After trying to re-establish contact with a (potentially 
new) foreign agent and failing, the driver sends an 
appropriate notification up the protocol stack and also 
signals the modem hardware below to terminate the 
wireless link. 

4. Loss of connection to the IWF. This is substantially the 
same as for loss of connection to the foreign agent. 

5. Termination of PPP by MWF or PPP server. This 
scenario is detected by the PPP software in the end 
system. The end system's PPP driver is notified of this 
event. It initiates de-registration from the network 
followed by termination of the wireless link to the 
access point. 

End system service configuration refers to the concept of 
configuring the network service for an end system based on 
the subscriber's service profile. The subscriber's service 
profile is stored in a subscriber directory. The service profile 
contains information to enable the software to customize 
wireless data service on behalf of the subscriber. This 
includes information to authenticate the end system, allow 
the end system to roam and set up connections to the end 
system's internet service provider. Preferably, this informa- 
tion also includes other parameters, like, quality of service. 
In addition to the subscriber directory, a home domain 
directory (HDD) and a foreign domain directory (FDD) are 
used for roaming and for authenticating the foreign and 
home registration servers to each other. The HDD stores 
information about the end system's home network and the 
FDD stores information about foreign networks that a sub- 
scriber may visit. 

FIG. 15 shows how these directories map into the network 
architecture and are used during registration for an end 
system that is registering at home. In step 0 the end system 
(mobile) sohcits and receives an advertisement from the 
foreign agent to provides the end system with information 
about the network to which the foreign agent belongs. In this 
case, the network is the home wireless service provider. In 
step 1, user registration agent (in the end system) incorpo- 
rates the information about the foreign agent and its network 
and its security credentials into a request and sends the 
request to the foreign agent. In step 2, the foreign agent, as 
a proxy registration agent, relays the request to the home 
registration server. In step 3, the home registration server 
accesses the HDD of the home wireless service provider to 
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learn at least authentication information. In step 4, the home 
registration server accesses the subscriber directory to learn 
detail subscriber service profile information (e.g., quality of 
service options subscribed to, etc.). In step 5, the home 

5 registration server notifies the foreign agent of the access 
response. In steps 6 and 7, the foreign agent notifies the end 
system (i.e., mobile) of the registration reply 

FIG. 16 shows directory usage for an end system that is 
registering from a foreign network. In step 0 the end system 
(mobile) solicites an advertisement and the foreign agent 
advertises which provides the end system with information 
about the network to which the foreign agent belongs. In this 
case, the network is a foreign wireless service provider. In 
step 1, user registration agent (in the end system) incorpo- 
rates the information about the foreign agent and its network 
and its security credentials into a request and sends the 
request to the foreign agent. In step 2, the foreign agent, as 
a proxy registration agent, relays the request to the foreign 
registration server (i.e., the registration server for the foreign 
wireless service provider. In step 3, the foreign registration 

20 server accesses the HDD of foreign wireless service pro- 
vider to learn the network to which the end system belongs. 
In step 4, the foreign registration server forwards the end 
system's request to the home registration server of the end 
system's home wireless service provider. In step 5, the home 

25 registration server accesses the FDD of the home registra- 
tion server to learn at least authentication information about 
the foreign service provider. In step 6, the home registration 
server accesses the subscriber's directory to learn detail 
subscriber service profile information (e.g., quality of ser- 

30 vice options subscribed to, etc.). In step 7, the home regis- 
tration server notifies the foreign registration server of the 
access response. Id step 8, the foreign registration server 
forwards to the foreign agent the access response. In step 9, 
the foreign agent notifies the end system (i.e., mobile) of the 

35 registration reply. 

Protocol handling scenarios for handling bearer data and 
the associated stacks for transporting bearer data to and from 
an end system, the protocol stacks for the cell architectures 
using local APs (FIG. 17) and remote APs (FIG. 18). 

40 FIG. 17 shows the protocol stacks for handling commu- 
nications between an end system (in its home network) and 
a home IWF for End System@Home. FIG, 17 shows the 
protocol handling for a cell architecture where the access 
point and the wireless hub are co-located. 

45 FIG. 18 shows the protocol handling for a cell architecture 
where the access point is located remotely from the wireless 
hub. As shown, PPP terminates in the IWF and the configu- 
ration provides direct internet access. The configuration for 
the case where the PPP server is separate from the IWF is 

50 described later. 

In FIG. 18, PPP frames from the end system are encap- 
sulated in RLP (radio link protocol) frames which are 
encapsulated at the remote access point in MAC frames for 
communicating with the trunk access point (i.e., an access 

55 point physically located near the wireless hub), the remote 
access point being coupled to the access point by, for 
example, a wireless trunk). The access point functions as a 
MAC layer bridge and relays frames from the air link to the 
foreign agent in the wireless hub. The foreign agent 

60 de-encapsulates the RLP frames out of the MAC frames, and 
using the xtunnel protocol, relays the RLP frames to the 
IWF. A similar, albeit reverse, process occurs for transmit- 
ting frames from the IWF to the end system. 

If the end system moves to another foreign agent, then a 

65 new xtunnel will be automatically created between the new 
foreign agent and the IWF, so that PPP traffic continues to 
flow between them, without interruption. 
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In the remote AP cell architecture (FIG. 18) using wireless The new tunneling protocol is based on L2TP. By itself, 

trunks between the remote AP and the trunk AP, the air link L2TP is a , heavyweight tunneling protocol so that L2TP has 

between the end system and the access point may operate at a lot of overhead associated with tunnel creation and authen- 

a different frequency (fl) and use a different radio technol- tication. The new tunneling protocol of the present invention 

ogy as compared to the frequency (£2) and radio technology 5 has less overhead. The new xtunnel and I-X tunnel protocol 

of the trunk- may have the following features. 

FIG. 19 shows the protocol stacks for a roaming end 1. The xtunnel and I-X tunnel creation adds vendor 

system. The serving IWF uses the I -xtunnel protocol specific extensions to Radius Access Request and 

between the serving IWF and home IWF, The rest of the Radius Access Response messages between the base 

protocol stacks remain unchanged and are not shown. This station and the registration server. These extensions 

architecture may be simplified by merging the serving IWF negotiate timnel parameters and to create the tunnel, 

into the base station, th^Js eHminating the XWD protocol, 2. The registration server is able to delegate the actual 

The RLP layer uses sequence numbers to drop duplicate work of tunneling and relaying packets to a different IP 

PPP datagrams and provide in-sequence delivery of PPP address, and therefore, to a different server in the MSC. 

datagrams between the end system and the IWF, It also - This permits the registration server to do load balancing 

provides a configurable keep-alive mechanism to monitor across multiple IWF servers and to provide different 

hnk connectivity between the end system and the IWF. QOS to various users. 

Additionally, in an alternative embodiment, the RLP layer 3- The xtunnel and I-X tunnel protocol supports in-band 

also provides re-transmission and flow control services in control messages for tunnel management. These mes- 

order to reduce the overall bit error rate of the link between sages include echo request/response to test tunnel 

the end system and the IWF. The RLP between the end connectivity, disconnect request/response/notify to dis- 

system and the IWF is started at the beginning of the session connect the tunnel and error notify for error notifica- 

and remains active throughout the session and even across ^^^^ '^^f^^L^'L^''' ^'^^^ ^n^hng 

hand-offs example, UDP/IP. 

In contrast to the specificaUon in the mobile IP RFC (RFC ^^^J^^^^^ ^^^.^'^ 'T^^^ P/^^^'^^ '^^'^.^^l''^ 

2003), IP in IP encapsulation is not used for tuniieUng ^ f ^"^P^^' 

. , ' . r • * J I. T^iTf^ T * J xtuimel and 1-X tunnel protocol supports now control 

between the foreign agent and the home IWF. Instead a new 1 * j v 

, , 7. I , J , fiiTMi- J Tn-' and m-sequence packet dehvery. 

tunnelmgprotocol, implemented on top 01 UDP is used. This rT^^ iivV. 1 ^ i .j 

1- * 1 • • 1-c J • f .1. T-tTT» 5. The xtunnel I-X tunnel protocol may be implemented 

tunneling protocol is a simplified version of the L2TP j. *u xfr-iTi/iiif r* 

r 1 • V • 1? It over media other than UDP/IP for quality 01 service, 

protocol. Tlie reasons for this choice are as follows. 3^ ^^^^^^^ ^^^^^^^ ^^^^^ ^t^^^^t connectivity by 

1. The encapsulaUon protocol specified m RFC 2003 does terminating the PPP in the home IWF and routing IP packets 
not provide flow control or m-sequence delivery of ^^^^ ^j^^ internet via a router using standard IP 
packets. The presenUy described network may need jo^t^Qg techniques. Preferably, the IWF runs RIP, and the 
these services in the tunnel over the backhaul. Flow ^^^^^ Rjp possibly other routing protocols hke 
control may be needed to reduce the amount of 35 qSPF 

re-transmissions over the air link because of packet loss ^he network supports a first configuration for a wireless 

due to flow control problems over the network between g^^vice provider who is also an internet service provider. In 

the base station and the MSC or because of flow control this configuration, the home IWF in the MSC also functions 

problems m the base staUon or the IWF, a PPP server. This IWF also runs internet routing proto- 

2. By usmg a UDP based tunneling protocol, the imple- 40 cols like RIP and uses a router to connect to the internet 
mentation can be done at the user level and then put service provider's backbone network. 

into the kernel for performance reasons, after it has xhe network supports a second configuration for a wire- 
been debugged. less service provider who wishes to allow end systems to 

3. Using RFC 2003, there is no easy way of creating connect to one or more mtemet service providers, either 
tunnels taking into account quality of service and load 45 because the WSP itself is not ISPs, or because the WSP has 
balancing. In order to take QOS into account, it should agreements with other ISPs to provide access to end users, 
be possible to set up tunnels over links that aheady For example, a wireless service provider may elect to offer 
provide the required QOS. Secondly, using RFC 2003, network access to an end user and may have an agreement 
there is no easy way to provide load balancing to with a 3"* party ISP to allow the user who also has an 
distribute bearer traffic load over multiple links 50 account with the 3"^ party ISP to access the ISP from the 
between the base station and the MSC. WSP network. In this configuration, the PPP server does not 

4. In order to implement IP in IP encapsulation as speci- run in the home IWF installed at the MSC. Instead, a 
fied in RFC 2003, developers require access to IP tunneling protocol like L2TP (Layer Two Tunneling 
source code. In commercial operating systems, source Protocol) is tised to tuimelback to the ISP's PPP server. FIG. 
code for the TCP/IP stack is generally proprietary to ss 10 shows the protocol stacks for this configuration for an end 
other equipment manufacturers. Purchasing the TCP/IP system that is at home, 

stack from a vendor and making changes to the IP layer The location of the home IWF and the ISP PPP server 

to support mobile IP tunneling would require a devel- remains fixed throughout the PPP session. Also, the L2TP 

oper to continue supporting a variant version of the tunnel between the IWF and the ISP*s PPP server remains up 

TCP/IP stack. This adds cost and risk. 60 throughout the PPP session. The physical link between the 

While it is noted that the tunneling protocol between the IWF and the PPP server is via a router using a dedicated Ti 

base station and the IWF is non-standard and that the or T3 or frame relay or ATM network. The actual nature of 

wireless service provider will not be able to mix and match the physical link is not important from the point of view of 

equipment from different vendors, the use of a non-standard the architecture, 

tunneling protocol within a single wireless service provider 65 This configuration also supports intranet access. For intra- 

network is transparent to end systems and equipment from net access, the PPP server resides in the corporate intranet 

other vendors. and the home IWF uses L2TP to tunnel to it. 



03/18/2004, EAST Version: 1.4.1 



us 6,665,718 Bl 

23 24 

For a fixed end system, the protocol handling for intranet rity context defines an authentication algorithm, a mode, a 

or ISP access is as shown in FIG. 20 with the difference that secret (shared or public-private), style of replay protection 

the roaming end system uses a serving IWF to connect to its and the type of encryption to use. In the context of the 

home rWF. The protocol handling between a serving IWF present network, the end system's User-Name (in lieu of the 

and a home IWF has been described earUer. In FIG. 20, the 5 mobile IP home address) is used to identify the mobility 

home IWF may be merged into the wireless hub eliminating security association between the end system and its home 

the X- Tunnel protocol. Also, the serving IWF may be network. Another parameter, called the security parameter 

merged into the wireless hub, thus eliminating the X-tunnel index (SPI), is used to select a security context within the 

protocol. mobility security association. In a basic embodiment of the 

FIG. 21 shows the protocol stacks used during the regis- lo invention, only the default mobile IP authentication algo- 

tration phase (end system registration) for a local AP cell rithm (keyed-MD5) and the default mode ("prefix+sufiBx") 

architecture. The stack for a remote AP cell architecture is are supported with 128-bit shared secrets. Network users arc 

very similar. allowed to define multiple shared secrets with their home 

The scenario shown above is for a roaming end system. networks. The mechanism for creating security contexts for 

For an end system at home, there is no foreign registration 15 end users, assigning an SPI to each security context and for 

server in the registration path. setting the contents of the security context (which includes 

Note the mobility agent in the end system. The mobility the shared secret) and for modifying their contents arc 

agent in the end system and foreign agent in the wireless hub described below. During registration, a 128-bit message 

are conceptually similar to the mobile IP RFC 2002. The digest b computed by the end system in prefix+sufiBx mode 

mobility agent handles network errors using time-outs and 20 using the MD5 algorithm. The shared secret is used as the 

re-trys. Unlike the known protocol stacks for bearer data, prefix and the suffix for the data to be protected in the 

RLP is not used. The foreign agent and the registration registration request. The authenticator thus computed, along 

servers use Radius over UDP/IP to communicate with each with the SPI and the User-Name are transmitted in the 

other for registering the end system. registration request by the end system. Upon receiving the 

Several aspects of security must be considered. The first, 25 end system's registration request, the foreign registration 

authenticating the identities of the end system and the server relays the request along with the authenticator and the 

foreign/home networks during the wireless registration SPI, unchanged to the home registration server. Upon 

phase. Second, authenticating the identity of the end system receiving the registration request directly from the end 

with its PPP server during the PPP authentication phase. system or indirectly via a foreign registration server, the 

Third, authentication for storing accounting data, for billing 30 home registration server uses the SPI and the User-Name to 

and for updating home domain information. Fourth, encryp- select the security context. The home server re-computes the 

tion of bearer trafific transmitted to and from the end system. authenticator using the shared secret. If the computed 

Fifth, encryption for exchanging billing information across authenticator value matches the value of the authenticator 

service provider boundaries. sent in the request by the end system, the user's identity will 

Shared secrets are used to authenticate the identity of end 35 have been successfully authenticated. Otherwise, the home 

systems with their home networks and the identity of the registration server naks (negatively acknowledges) the reg- 

home and foreign networks with each other during wireless istration request sent by the end system, 

registration. The registration reply sent by the home registration server 

End system authentication uses a 128-bit shared secret to to the end system is also authenticated using the algorithm 
create an authenticator for its registration request. The 40 described above. The SPI and the computed authenticator 
authenticator is created using the known MD5 message value is transmitted in the registration reply message by the 
digest algorithm as described in the mobile IP RFC 2002. home server to the end system. Upon receiving the reply, the 
Alternatively, a different algorithm mat be used. The shared end system re-computes the authenticator, and if the corn- 
secret is not sent in the registration request by the end puted value does not match the transmitted value, it will 
system. Only the authenticator is sent. On receiving the 45 discard the reply and retry. 

registration request from the end system, the home registra- The user's end system has lo be configured with the 
tion server recomputes the authenticator over the registration shared secret and SPIs for all security contexts that the user 
request data using the shared secret. If the computed authen- shares with its registration server(s). This configuration 
ticator value matches the authenticator value sent by the end information is preferably stored in a Win 95 registry for 
system, the home registration server allows the registration so Windows 95 based end systems. During registration, this 
process to proceed. If the values do not match, the home information is accessed and used for authentication pur- 
registration server logs the event, generates a security vio- poses, 

lation alarm and a nak (i.e., a negative acknowledgment) to In the network, Radius protocols are used by foreign agent 

the request. FA to register the end system and to configure the xtunnel 

In the registration reply, the home registration server does 55 between the wireless hub and the home and serving IWFs on 
the same — that is to say, uses the shared secret to create an behalf of the end system. On receiving a registration request 
authenticator for the registration reply that it sends to the end from the end system, the FA creates a Radius Access- 
system. Upon receiving the reply, the end system Request packet, stores its own attributes into the packet, 
re-computes the authenticator tising the shared secret. If the copies the end system's registration request attributes 
computed value does not match the authenticator value sent 60 unchanged into this packet and sends the combined request 
by the home registration server in the reply, the end system to the registration server in the MSC. 
discards the reply and tries again. Radius authentication requires that the Radius client (in 

These network security concepts are similar to the con- this case, the FA in the base station) and the Radius server 

cepts defined in mobile IP RFC 2002. According to the RFC, (in this case, the registration server in the MSC) share a 

a mobility security association exist between each end 65 secret for authentication puirposes. This shared secret is also 

system and its home network. Each mobility security asso- used to encrypt any private information conmiunicatcd 

ciatioQ defines a collection of security contexts. Each secu- between the Radius client and the Radius server. Hie shared 
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secret is a configurable parameter. The network follows the 
recommendations in the Radius RFC and iises the shared 
secret and the MD5 algorithm for authentication and for 
encryption, where encryption is needed. The Radius-Access 
Request packet sent by the FA contains a Radius User-Name 
attribute (which is provided by the end system) and a Radius 
User-Password attribute. The value of the User-Password 
attribute is also a configurable value and encrypted in the 
way recommended by the Radius protocol. Other network 
specific attributes, which are non-standard attributes from 
the point of view of the Radius RFC standards, are encoded 
as vendor specific Radius attributes and sent in the Access- 
Request packet. 

The following attributes are sent by the FA to its regis- 
tration server in the Radius Access-Request packet. 

1. User-Name Attribute. This is the end system's user- 
name as supplied by the end system in its registration 
request. 

2. User-Password Attribute. This user password is sup- 
plied by the base station/wireless hub on behalf of the 
user. It is encoded as described in the Radius EFC using 
the secret shared between the base station and its 
registration server. 

3. NAS-Port. This is the port on the base station, 

4. NAS-IP-Address. This is the IP address of the base 
station. 

5. Service-Type. This is framed service. 

6. Framed Protocol. This is a PPP protocol. 

7. Xtunnel Protocol Parameters. These parameters are 
sent by the base station to specify the parameters 
necessary to set up the xtunnel protocol on behalf of the 
end system. This is a vendor-specific attribute. 

8. AP-IP-Address. This is the IP address of the AP through 
which the user is registering. This is a vendor-specific 
attribute. 

9. AP-MAC-Address. This is the MAC address of the AP 
through which the user is registering. This is a vendor- 
specific attribute. 

10. End system's Registration Request. The registration 
request from the end system is copied unchanged into 
this vendor specific attribute. 

The following attributes are sent to the FA from the 
registration server in the Radius Access-Response packet, 

1. Service Type. This is a framed service. 

2. Framed-Protocol. This is a PPP. 

3. Xtunnel Protocol Parameters. These parameters are 
sent by the registration server to specify the parameters 
necessary to set up the xtunnel protocol on behalf of the 
end system. This is a vendor-specific attribute. 

4. Home Registration Server's Registration Reply. This 
attribute is sent to the FA from the home registration 
server. The FA relays this attribute unchanged to the 
end system in a registration reply packet. If there is a 
foreign registration server in the path, this attribute is 
relayed by it to the FA unchanged. It is coded as a 
vendor-specific attribute. 

To provide service to roaming end systems, the foreign 
network and the home network are authenticated to each 
other for accounting and billing purposes using the Radius 
protocol for authentication and configuration. This authen- 
tication is performed at the time of end system registration. 
As described earlier, when the registration server in the 
foreign network receives a registration request from an end 
system (encapsulated as a vendor specific attribute in a 
Radius-Access Request packet by the FA), it uses the end 



55,718 Bl 

26 

system's User-Name to determine the identity of the end 
system's home registration server by consulting its home 
domain directory HDD. The following information is stored 
in home domain directory HDD and accessed by the foreign 
5 registration server in order to forward the end system's 
registration request. 

1. Home Registration Server IP Address. This is the IP 
address of the home registration server to forward the 
registration request, 
^0 2. Foreign Registration Server Machine Id. This is the 
machine ID of the foreign registration server in SMTP 
(simplified mail transfer protocol) format (e.g., 
machine@fqdn where machine is the name of the 
foreign registration server machine and fqdn is the fuUy 
qualified domain name of the foreign registration serv- 
er's domain). 

3. Tunneling Protocol Parameters. These are parameters 
for configuring the tunnel between the serving IWF and 
the home IWF on behalf of the end system. These 

2Q include the tunneling protocol to be used between them 
and the parameters for configuring the tunnel. 

4. Shared Secret. This is the shared secret to be used for 
authentication between the foreign registration server 
and the home registration server. This secret is used for 

25 computing the Radius User-Password attribute in the 
Radius packet sent by the foreign registration server to 
the home registration server. It is defined between the 
two wireless service providers. 

5. User-Password. This is the xiser password to be used on 
30 behalf of the roaming end system. This user password 

is defined between the two wireless service providers. 
This password is encrypted using the shared secret as 
described in the Radius RFC. 

6. Accounting Parameters, These are parameters for con- 
35 figuring accounting on behalf of the end system that is 

registering. These parameters are sent by the registra- 
tion server to its IWF for configuring accounting on 
behalf of the end system. 
Using this information, the foreign registration server 
40 creates a Radius Access-Request, adds its own registration 
and authentication information into the Radius Access- 
Request, copies the registration information sent by the end 
system unchanged into the Radius Access-Request and 
sends the combined request to the home registration server; 
45 Upon receiving the Radius-Access Request from the 
foreign registration server (for a roaming end system) or 
directly from the FA (for an end system at home), the home 
registration server consults its own directory server for the 
shared secrets to verify the identity of the end system and the 
50 identity of the foreign registration server in a roaming 
scenario by recomputing authenticators. 

After processing the request successfully, the home reg- 
istration server creates a Radius Access-Accept response 
packet and sends it to the foreign registration server if the 
55 end system is roaming, or directly to the FA from which it 
received the Radius Access-Request. The response contains 
the registration reply attribute that the FA relays to the end 
system. 

If the request can not be processed successfully, the home 
60 registration server creates a Radius Access-Reject response 
packet and sends it to the foreign registration server if the 
end system is roaming, or directly to the FA from which it 
received the Radius Access-Request. The response contains 
the registradon reply attribute that the FA will relays to the 
65 end system. 

In a roaming scenario, the response from the home 
registration server is received by the foreign registration 
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server It is authenticated by the foreign registration server 
using the shared secret. After authenticating, the foreign 
registration server processes the response, and in turn, it 
generates a Radius response packet (Accept or Reject) to 
send to the FA. The foreign registration server copies the 5 
registration reply attribute from the home registration serv- 
er's Radius response packet, unchanged, into its Radius 
response packet. 

When the FA receives the Radius Access-Response or 
Radius Access-Reject response packet, it creates a rcgistra- 10 
tion reply packet using the registration reply attributes from 
the Radius response, and sends the reply to the end system, 
thus completing the round trip registration sequence. 

Mobile IP standards specifies that replay protection for 
registrations are implemented using time stamps, or 15 
optionally, using nonces. However, since replay protection 
using time stamps requires adequately synchronized time- 
of-day clocks between the corresponding nodes, the present 
invention implements replay protection during registration 
using nonces even though replay protection using time 20 
stamps is mandatory in the Mobile IP standards and the use 
nonces is optional However, replay protection using time 
stamps as an alternative embodiment is envisioned. 

Hie style of replay protection used between nodes is 
stored in the security context in addition to the authentica- 25 
tion context, mode, secret and type of encryptioa 

The network supports the tise of PPP PAP (password 
authentication) and CHAP (challenge authenticated 
password) between the end system and its PPP server. This 
is done independently of the registration and authentication 30 
mechanisms described earlier This allows a private intranet 
or an ISP to independently verify the identity of the user. 

Authentication for accoimting and directory services is 
described below with respect to accounting security. Access 
to directory servers from network equipment in the same 35 
MSC need not be authenticated. 

The network supports encryption of bearer data sent 
between the end system and the home IWF. End systems 
negotiate encryption to be on or off by selecting the appro- 
priate security context. Upon receiving the registration 40 
request, the home registration server grants the end system's 
request for encryption based upon the security context. In 
addition to storing the authentication algorithm, mode, 
shared secret and style of replay protection, the security 
context is also used to specify the style of encryption 45 
algorithm to ;ise. If encryption is negotiated between the end 
system and the home agent, then the complete PPP frame is 
so encrypted before encapsulation in RLP. 

TTie IWF, the accounting server and the bilUng system are 
part of the same trusted domain in the MSC, Hiese entities 50 
are either connected on the same LAN or part of a trusted 
intranet owned and operated by the wireless service pro- 
vider Transfer of accounting statistics between the IWF and 
the accounting server and between the accounting server and 
the customer's billing system may be encrypted using Inter- 55 
net IP security protocols like IP-Sec. 

Hie network makes it more difficult to monitor the 
location of the end system because it appears that all PPP 
frames going to and from the end system go through the 
home IWF regardless of the actual location of the end 60 
system device. 

Accounting data is collected by the serving IWF and the 
home IWF in the network. Accounting data collected by the 
serving IWF is sent to an accounting server in the serving 
IWF's MSC. Accoimting data collected by the home IWF is 65 
sent to an accounting server in the home IWF's MSC. The 
accounting data collected by the serving IWF is used by the 
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foreign wireless service provider for auditing and for settle- 
ment of bills across wireless service provider boundaries (to 
support roaming and mobility). The accounting data col- 
lected by the home IWF is used for billing the end user and 
also for settlement across wireless service provider bound- 
aries to handle roaming and mobility. 

Since all data traffic flows through the home IWF, regard- 
less of the end system's location and the foreign agent's 
location, the home IWF has all the information to generate 
bills for the customer and also settlement information for the 
use of foreign networks. 

The serving IWF and the home IWF preferably use the 
Radius accounting protocol for sending accounting records 
for registered end systems. The Radius accounting protocol 
is as doctmiented in a draft IETF RFC. For the present 
invention, the protocol has to be extended by adding vendor 
specific attributes for the network and by adding check- 
pointing to the Radius Accounting protocol. Check-pointing 
in this context refers to the periodic updating of accounting 
data to minimize risk of loss of accounting records. 

The Radius accounting protocol runs over UDP/IP and 
uses re-trys based on acknowledgment and time outs. The 
Radius accounting client (serving IWFs or home IWFs) send 
UDP accounting request packets to their accounting servers 
which send acknowledgments back to the accounting cU- 
ents. 

In the network, the accounting clients (serving IWF and 
the home IWF) emit an accounting start indication at the 
start of the tiser's session and an accounting stop indication 
at the end of the user's session. In the middle of the session, 
the accotinling clients emit accoimting checkpoint indica- 
tions. In contrast, the Radius accounting RFC does not 
specify an accounting checkpoint indication. Hie software 
of the present invention creates a vendor specific accounting 
attribute for this purpose. This accoimting attribute is present 
in all Radius Accounting-Request packets which have Acct- 
Status-Type of Start (accounting start indications). The value 
of this attribute is used to convey to the accounting server 
whether the accoimting record is a check-pointing record or 
not. Check-pointing accounting reports have a time attribute 
and contain cumulative accounting data from the start of the 
session. The frequency of transmitting check-point packets 
is configurable in the present invention. 

The serving IWF and the home IWF are configured by 
their respective registration servers for connecting to their 
accounting servers during the registration phase. The con- 
figurable accounting parameters include the IP address and 
UDP port of the accounting server, the frequency of check- 
pointing, the session/multi-session id and the shared secret 
to be used between the accounting client and the accounting 
server 

The network records the following accounting attributes 
for each registered end system. These accounting attributes 
are reported in Radius accounting packets at the start of the 
session, at the end of the session and in the middle (check- 
point) by accounting clients to their accounting servers. 

1 . User Name. This is fike the Radius User-Name attribute 
discussed above. This attribute is used to identify the 
user and is present in all accounting reports. The format 
is "user@domain" where domain is the fiilly qualified 
domain name of the user's home. 

2. NAS IP Address. This is Uke the Radius NAS-IP- 
Addrcss attribute discussed above. This attribute is 
used to identify the IP address of the machine running 
the home IWF or the serving IWF. 

3. Radio Port. This attribute identifies the radio port on the 
access point providing service to the user This attribute 
is encoded as a vendor specific attribute. 
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4. Access Point IP Address. This attribute identifies the IP 
address of the access point providing service to the 
user. This attribute is encoded as a vendor specific 
attribute. 

5. Service Type. This is like the Radius Service-Type 5 
attribute described above. The value of this attribute is 
Framed. 

6. Framed Protocol. This is like the Radius Framcd- 
Protocol attribute described above. The value of this 
attribute is set to indicate PPP. 

7. Accounting Status Type. This is like the Radius Acct- 
Status-iype attribute described above. The value of this 
attribute may be Start to mark the start of a user's 
session with the Radius client and Stop to mark the end 
of the user's session with the Radius client. For 
accounting clients, the Acct-Status-iype/Start attribute 
is generated when the end system registers. The Acct- 
Status- type/Stop attribute is generated when the end 
system de-registers for any reason. For checkpoints, the 
value of this attribute is also Start and the Accounting 
Checkpoint attribute is also present. 

8. Accounting Session Id. This is like the Radius Acct- 
Session-ld described above. In a roaming scenario, this 



session id is assigned by the foreign registration server 
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when the end system issues a registration request. It is 
communicated to the home registration server by the 
foreign registration server during the registration 
sequence. The home network and the foreign network 
both know the Acct-Session-Id attribute and are able to 
emit this attribute while sending accounting records to 
their respective accoxmting servers. In a "end system- 
at-home*' scenario, this attribute is generated by the 
home registration server. The registration server com- 
municates the value of this attribute to the IWF which 
emits it in all accounting records, 
9. Accoxmting Multi-Session Id. This is like the Radius 
Acct-Multi-Session-Id discussed above. This id is 
assigned by the home registration server when a reg- 
istration request is received from a FA directly or via a 40 
foreign registration server on behalf of an end system. 
It is communicated to the foreign registration server by 
the home registration server in the registration reply 
message. The registration server(s) communicates the 
value of this attribute to the IWF(s) which emit it in all 45 
accounting records. 
With true mobility added to the architecture, the id is used 
to relate together the accounting records from different IWFs 
for the same end system if the end system moves from one 
IWF to another. For hand-ofib across IWF boundaries, the 5Q 
Acct-Session-Id is different for accounting records emanat- 
ing from different IWFs. However, the Acct-Multi-Session- 
Id attribute is the same for accoimting records emitted by all 
IWFs that have provided service to the user Since the 
session id and the multi-session id are known to both the 55 
foreign network and the home network, they are able to emit 
these attributes in accounting reports to their respective 
accoimling servers. With the session id and the multi-session 
id, billing systems are able, to correlate accounting records 
across IWF boundaries in the same wireless service provider gQ 
and even across wireless service provider boxmdaries. 

1. Accounting Delay Time. See Radius Acct-Delay-Ume 
attribute. 

2, Accounting Input Octets. See Radius Acct-Input- 
Octets. This attribute is used to keep track of the 65 
number of octets sent by the end system (input to the 
network from the end system). This count is used to 



track the PPP frames only. The air link overhead, or any 
overhead imposed by RLP, etc. and is not counted. 

3. Accounting Output Octets. See Radius Acct-Output- 
Octets, This attribute is used to keep track of the 
number of octets sent to the end system (output from 
the network to the end system). This count is used to 
track the PPP frames only. The air link overhead, or any 
overhead imposed by RLP, etc. and is not coimted. 

4. Accounting Authentic. See Radius Acct-Authentic 
attribute. The value of this attribute is Lxical or Remote 
depending on whether the serving IWF or the home 
IWF generates the accounting record. 

5. Accounting Session Time, See Radius Acct -Session- 
Time attribute. This attribute indicates the amount of 
time that the user has been receiving service. If sent by 
the serving IWF, this attribute tracks the amount of time 
that the user has been receiving service from that 
serving IWF. If sent by the home IWF, this attribute 
tracks the amount of time that the user has been 
receiving service from the home IWF. 

6. Accounting Input Packets. See Radius Acct-Input- 
Packets attribute. This attribute indicates the number of 
packets received from the end system. For a serving 
IWF, this attribute tracks the number of PPP frames 
input into the serving IWF from an end system. For a 
home IWF, this attribute tracks the number of PPP 
frames input into the home IWF from an end system. 

7. Accounting Output Packets. See Radius Acct-Output- 
Packets attribute. This attribute indicates the number of 
packets sent to the end system. For a serving IWF, this 
attribute tracks the number of PPP frames output by the 
serving IWF to the end system. For a home IWF, this 
attribute tracks the number of PPP frames sent to the 
end system from the home IWF. 

8. Accounting Terminate Cause. See Radius Acct- 
Terminate-Cause attribute. This attribute indicates the 
reason why a user session was terminated. In addition, 
a specific cause code is also present to provide addi- 
tional details- This attribute is only present in account- 
ing reports at the end of the session. 

9. Network Accounting Terminate Cause. This attribute 
indicates a detailed reason for terminating a session. 
This specific attribute is encoded as a vendor specific 
attribute and is only reported in a Radius Accounting 
attribute at the end of session. The standard Radius 
attribute Acct-Terminate-Cause is also present. This 
attribute provides specific cause codes, not covered by 
the Acct-Terminate-Cause attribute. 

10. Network Air link Access Protocol. This attribute 
indicates the air link access protocol used by the end 
system. This attribute is encoded as a vendor specific 
attribute. 

11. Network Backhaul Access Protocol. This attribute 
indicates the backhaul access protocol used by the 
access point to ferry data to and from the end system. 
This attribute is encoded as a vendor specific attribute. 

12. Network Agent Machine Name. This attribute is the 
fully qualified domain name of the machine running the 
home IWF or the serving IWF. This specific attribute is 
encoded in vendor specific format. 

13. Network Accounting Check-point Since the Radius 
accounting RFC does not define a check-point packet, 
the present network embodiment uses a Radius 
accounting start packet with this attribute to mark a 
check-point The absence of a check-point attribute 
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means a conventional accounting start packet. The 
presence of this attribute in a accounting start packet 
means a accounting check-point packet. Accounting 
stop packets do not have this attribute. 
In the preferred embodiment, every accounting packet 5 
and the corresponding reply must be authenticated using 
MD5 and a shared secret. The IWFs are configured with a 
shared secret that arc used by them for authentication during 
comm;inication with their Radius accounting server. The 
shared secrets used by the IWFs for communicating with 
accounting servers are stored in the home/foreign domain 
directory located in the MSG. The shared secrets for 
accounting security are communicated to the IWFs by their 
registration servers during the end system registration 
sequence. 

The accounting server software runs in a computer 
located in the MSG. The role of the accounting server in the 
system is to collect raw accounting data from the network 
elements (the home and the serving IWFs), process the data 
and store it for transfer to the wireless service provider's 
billing system. The accounting server docs not include a 20 
billing system. Instead, it includes support for an automatic 
or manual accounting data transfer mechanism. Using the 
automatic accounting data transfer mechanism, the account- 
ing server transfers accounting records in AMA billing 
format to the customer's billing system over a TGP/IP 25 
transport. For this purpose, the system defines AMA billing 
record formats for packet data. Using the manual transfer 
mechanism, customers are able to build a tape to transfer 
accounting records to their billing system. In order to build 
the tape to their specifications, customers are provided with 30 
information to access accounting records so that they may 
process them before writing them to tape. 

In FIG. 22, the raw accounting data received by the 
accounting server from the home or serving IWFs are 
processed and stored by the accounting server. The process- 35 
ing done by the accounting server includes filtering, com- 
pression and correlation of the raw accounting data received 
from the IWF. A high availability file server using dual 
active/standby processors and hot swappable RAID disks is 
used for buffering the accounting data while it is transiting 40 
through the accounting server. 

The accounting server delays processing of the raw 
accounting data until an end system has terminated its 
session. When an end system terminates its session, the 
accounting server processes the raw accounting data that it 45 
has collected for the session and stores an accounting 
summary record in a SQL database. The accounting sum- 
mary record stored in the SQL dau base points to an ASN. 
1 encoded file. TTiis file contains detailed accounting infor- 
mation about the end system's session. The data stored in the 50 
accounting server is then transferred by the billing data 
transfer agent to the customer's billing system. 
Alternatively, the wireless service provider may transfer the 
accounting data from the SQL database and/or the ASN. 1 
encoded file to the billing system via a tape. The data base ss 
scheme and the format of the ASN. 1 encoded file are 
documented and made available to customers for this pur- 
pose. If the volume of processed accounting data stored in 
the accounting system exceeds a high water mark, the 
accounting server generates an NMS alarm. This alarm is 60 
cleared when the volume, of data stored in the accounting 
server falls below a low water mark. The high and low water 
marks for generating and clearing the alarm are config- 
urable. The accounting server also generates an NMS alarm 
if the age of the stored accoxmting data exceeds a config- 65 
urable threshold. Conversely, the alarm is cleared, when the 
age of the accounting data falls below the threshold. 
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The subscriber directory is used to store information 
about subscribers and is located in the home network. The 
home registration server consults this directory during the 
registration phase to authenticate and register an end system. 
For each subscriber, the subscriber directory stores the 
following information. 

1. User-Name. This field in the subscriber record will be 
in SMTP format (e.g., user@fqdn) where the user 
sub -field will identify the subscriber in his or her 
wireless home domain and the fqdn sub-field will 
identify the wireless home domain of the subscriber. 
This field is sent by the end system in its registration 
request during the registration phase. This field is 
assigned by the wireless service provider to the sub- 
scriber at the time of subscription to the network 
service. This field is different than the user name field 
used in PPP. 

2. Mobility Security Association. This field in the sub- 
scriber record contains the mobility security associa- 
tion between the subscriber and his or her home net- 
work. As described above, a mobility security 
association exists between each subscriber and its home 
registration server. The mobility security association 
defines a collection of security contexts. Each security 
context defines an authentication algorithm, an authen- 
tication mode, a shared secret, style of replay protection 
and the type of encryption (including no encryption) to 
use between the end system and its home server. During 
registration, the home registration server retrieves 
information about the subscriber's security context 
firom the subscriber directory using the User-Name and 
the security parameter index (SPI) supplied by the end 
system in its registration, request. The information in 
the security context is used for enforcing 
authentication, encryption and replay protection during 
the session. The mobility security association is created 
by the wireless service provider at the time of subscrip- 
tion. It is up to the wireless service provider to permit 
the subscriber to modify this association either by 
calling up a customer service representative or by 
letting subscribers access to a secure Web site. The Web 
site software will export web pages which the wireless 
service provider may make accessible to subscribers 
from a secure web server. In this way, subscribers are 
able to view/modify the contents of the mobility secu- 
rity association in addition to other subscriber infor- 
mation that the service provider may make accessible. 

3. Modem MAC Address, This field contains the MAG 
address of the modem owned by the subscriber. In 
addition to the shared secret, this field is used during 
registration to authenticate the user. It is possible to turn 
off MAG address based authentication on a per user 
basis. The MAG address is communicated to the home 
registration server during registration. 

4. Enable MAG Address Authentication. This field is used 
to determine if MAG address based authentication is 
enabled or disabled. If enabled, the home registration 
server checks the MAG address of the registering end 
system against this field to validate the end system's 
identity. If disabled, then no checking is done, 

5. Roaming Enabled Flag. If this field is set to enabled, 
then the end system is allowed to roam to foreign 
networks. If this field is disabled, then the end system 
is not permitted to roam to foreign networks. 

6. Roaming Domain List. This field is meaningful only if 
the Roaming Enabled Flag is set to enabled. This field 
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contains a list of foreign domains that the end system 
is allowed to roam to. When the contents of this list is 
null and the Roaming Enabled Flag is set to enabled, 
the end system is allowed to roam freely. 

7. Service Enable/Disable Flag. This field may be set to 5 
disabled by the system administrator to disable service 

to a subscriber. If this field is disabled, then the sub- 
scriber is be permitted to register for service. If the 
subscriber is registered and the value of this field is set 
to disabled, then the subscriber's end system is imme- 10 
diately disconnected by the network, 

8. Internet Service Provider Association. This field con- 
tains information about the subscriber's internet service 
provider. This information is used by the IWF during 
the PPP registration phase to perform authentication 
with the internet service provider on behalf of the end 
system and also to create a L2TP tunnel between the 
IWF and the internet service provider's PPP server. 
This field contains the identity of the subscriber's ISP 
The IWF uses this information to access the ISP ^ 
directory for performing authentication and setting up 
the L2TP tunnel on behalf of the end system. 

9. Subscriber's Name & Address Information. This field 
contains the subscriber's name, address, phone, fax, 
e-mail address, etc. ^ 

The home domain directory (HDD) is used by the regis- 
tration server to retrieve parameters about the end system to 
complete registration on behalf of the end system. Using this 
information, the registration server determines if the end 
system is registering at home or if the end system is a ^ 
roaming end system. In the former case, the registration 
server assumes the role of a home registration server and 
proceed with end system registration. In the latter case, the 
registration server assumes the role of a foreign registration 
server and, acting as a Radius proxy, it forwards the request 
to the real home registration server whose identity it gets 
from this directory. For roaming end system, the parameters 
stored in the HDD include the IP address of the home 
registration server, the home-foreign shared secret, the 
home-serving IWF tunnel configuration etc. The HDD is ^ 
located in the MSG. 

Hic following information is stored in the HDD. 

1. Home Domain Name. This field is used as the key to 
search the HDD for an entry that matches the fiilly 
qualified home domain name provided by the end 
system in its registration request. 

2. Proxy Registration Request. This field is used by the 
registration server to determine if it should act as a 
foreign registration server and proxy the end system's 50 
registration request to the real home registration server 

3. Home Registration Server DNS Name. If the proxy 
registration request flag is TRUE, this field is used to 
access the DNS name of the real home registration 
server Otherwise, this field is ignored. The DNS name ss 
is translated to an IP address by the foreign registration 
server. The foreign registration server uses the IP 
address to relay the end system's registration request. 

4. Foreign Domain Name. If the proxy registration request 
flag is TRUE, this field is used to identify the foreign 60 
domain name to the end system's home registration 
server Otherwise, this field is ignored. The foreign 
registration server uses this information to create the 
foreign server machine id in SMTP format, for 
example, machine@fqdn. This machine id is sent to the 65 
home registration server by the foreign registration 
server in the Radius-Access Request. 
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5. Shared Secret. If the proxy registration request flag is 
TRUE, the shared secret is used between the foreign 
and home registration servers to authenticate their 
identity with each other. Otherwise this field is ignored. 

6. Tunneling Protocol Parameters. This field is used to 
store parameters to configure the tunnels to provide 
service to the end system. For an end system at home, 
this includes information on tunnel parameters between 
the base station and the home IWF and from the home 
IWF to the PPP server. For a roaming end system, this 
includes tunneUng parameters from the base station to 
the serving IWF and from the serving IWF to the home 
IWF. At a minimum, for each tunnel, this field contains 
the type of tunneling protocol to use and any timneling 
protocol specific parameters. For example, this field 
may contain the identifier for the tunneling protocol 
L2TP and any additional parameters required to con- 
figure the L2TP tunnel between the IWF and its peer. 

7. Accounting Server Association. This field is used to 
store information needed by the IWF to generate 
accounting data on behalf of the end system. It contains 
the name of the accoimting protocol (e.g. RADIUS), 
the DNS name of the accounting server and additional 
parameters specific to the accoimting protocol like the 
UDP port number, the shared secret that the IWF must 
;ise in the Radius Accounting protocol, the frequency of 

■ check-pointing, the seed for creating Uie session/multi- 
session id, etc. The accounting server's DNS name is 
translated to the accounting server's IP address, which 
k sent to the IWF. 

For wireless service providers that have roaming agree- 
ments with each other, the HDD is used for authentication 
and to complete the registration process. If an end system 
roams from its home network to a foreign network, the 
foreign registration server in that network consults the HDD 
in its MSG to get information about the visiting end system's 
home registration and to authenticate the home network 
before it provides service to the visiting end system. 

The software for home domain directory management 
preferably provides a graphical user interface (GUI) based 
HDD management interface for system administrators. 
Using this GUI, system administrators are able to view and 
update entries in the HDD. This GUI is not intended for use 
by foreign wireless network service providers to perform 
remote updates based on roaming agreements. It is only 
intended for use by trusted personnel of the home wireless 
service provider operating behind fire walls. 

The foreign domain directory (FDD) provides function- 
ality that is the reverse of the home domain directory. The 
FDD is used by the home registration server to retrieve 
parameters about the foreign registration server and the 
foreign network in order to authenticate the foreign network 
and create a tunnel between a serving IWF and a home IWF. 
These parameters include the home-foreign shared secret, 
the home IWF-serving IWF turmel configuration, etc. The 
FDD is preferably located in the home registration server's 
MSG. The FDD is used by home registration servers for 
registering roaming end systems. 

The following information will be stored in the FDD. 

1. Foreign Domain Name. This field is used as the key to 
search the FDD for an entry that matches the fully 
qualified domain name of the foreign registration server 
relaying the registration request. 

2. Shared Secret. This is the shared secret used between 
the foreign and home registration servers to authenti- 
cate their identity mutually with each other. 

3. Home IWF-Serving IWF Turmeling Protocol Param- 
eters. This field is used to store parameters to configure 
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the tunnel between the home IWF and the serving IWF. 
At a minimum^ this held contains the type of tunneling 
protocol to use and any tunneling protocol specific 
parameters. For example, this field may contain the 
identifier for the tunneling protocol L2TP and any 5 
additional parameters required to configure the L2TP 
tunnel between the serving IWF and the home IWF. 
4. Accounting Server Association. This field is used to 
store information needed by the home IWF to generate 
accounting data on behalf of the end system. It contains 10 
the name of the accounting protocol (e.g. RADIUS), 
the DNS name of the accounting server and additional 
parameters specific to the accounting protocol like the 
UDP port number, the shared secret that the IWF must 
use in the Radius Accounting protocol, the frequency of 15 
check-pointing, the seed for creating the scssion/multi- 
scssion id, etc. The accounting server's DNS name is 
translated to the accounting server's IP address, which 
is sent to the foreign agent. 
For wireless service providers that have roaming agree- 20 
ments with eadi other, the FDD is used to do authentication 
and complete the registration process. If an end system 
roams from its home network to a foreign network, the 
registration server in the home network consults the FDD in 
its MSG to get information and authenticate the foreign 25 
network providing service to the end system. 

The foreign domain directory management software pro- 
vides a graphical user interface (GUI) based FDD manage- 
ment interface for system administrators. Using this GUI, 
system administrators are able to view and update entries in 30 
the FDD. This GUI is not intended for use by foreign 
wireless network service providers to perform remote 
updates based on roaming agreements. It is only intended for 
use by trusted personnel of the home wireless service 
provider operating behind firewalls. 35 

The internet service provider directory (ISPD) is used by 
the home IWF to manage connectivity with ISPs that have 
service agreements with the wireless service provider so that 
subscribers may access their ISPs using the network. For 
each subscriber, the subscriber directory has an entry for the 40 
subscriber's ISP, This field points to an entry in the ISPD. 
The home IWF uses this information to set up the connection 
to the ISP on behalf of the subscriber. 

The network architecture supports roaming. In order for 
roaming to work between wireless service providers, the 45 
architecture must support the setting up of roaming agree- 
ments between wireless service providers. This imphes two 
things: (1) updating system directories across wireless ser- 
vice providers and (2) settlement of bills between service 
providers. 50 

In order to allow subscribers access to intemet service 
providers, the architecture supports roaming agreements 
with internet service providers. This implies that the archi- 
tecture must be able to send data to and receive data from 
ISP PPP servers (i.e., that support industry standard proto- 55 
cols like PPP, L2TP and Radius). It also implies that the 
architecture handles directory updates for ISP access and 
settlement of bills with ISPs. 

When roaming agreements are established between two 
wireless service providers, both providers have to update 60 
their home and foreign domain directories in order to 
support authentication and registration functions for end 
systems visiting their networks from the other network. At 
a minimum, the architecture of the present embodiment 
supports manual directory updates. When a roaming agree- 65 
ment is established between two wireless service providers, 
then the two parties to the agreement exchange information 



for populating their home and foreign domain directories. 
The actual updates of the directories is done manually by the 
personnel of the respective service providers. If later, the 
information in the home and foreign domain directories 
needs to be updated, the two parties to the agreement 
exchange the updated information and then manually apply 
their updates to the directories. 

In an alternative embodiment, the directory management 
software incorporates developing standards in the IETF to 
enable roaming between intemet service providers and to 
enable ISPs to automatically manage and discover roaming 
relationships. This makes manual directory management no 
longer necessary. The network system automatically propa- 
gates roaming relationships, and discovers them, to authen- 
ticate and register visiting end systems. 

At a minimum, the network architecture just processes 
and stores the accounting data and makes the data available 
to the wireless service provider's billing system. It is up to 
the billing system to handle settlement of bills for roaming. 

In an alternative embodiment, developing standards in the 
IETF to handle distribution of accounting records between 
internet service providers are incorporated into the network 
architecture to enable ISPs to do billing settlement for 
roaming end systems. 

The system software supports access to ISPs and private 
intranets by supporting L2TP between the home IWF and 
the ISPs or intranet PPP server. The intemet service provider 
directory contains information useful to the IWF for creating 
these tunnels. As access agreements between the wireless 
service provider and intemet service providers are put in 
place, this directory is updated manually by the wireless 
service provider's personnel. Automatic updates and discov- 
ery of access relationships between the wireless service 
provider and internet service providers are presently con- 
templated and implemented as the intemet standards evolve. 
While accessing an intemet service provider, the subscriber 
receives two bills — one from the wireless service provider 
for the use of the wireless network and the second from the 
internet service provider. Although common billing that 
combines both types of charges is not handled by the 
minimum embodiment software, it is contemplated that the 
software wiU take advantage of internet standards for billing 
settlement as they evolve so that subscribers may receive a 
common bill based on roaming agreements between the ISP 
and wireless service providers. 

The system includes a element management system for 
managing the network elements. From the element manager, 
system administrators perform configuration, performance 
and fault/alarm management functions. The element man- 
agement applications run on top of a web browser. Using a 
web browser, system administrators manage the network 
from anywhere that they have TCP/IP access. The element 
manager also performs an agent role for a higher level 
manager. In this role it exports an SNMP MIB for alarm and 
fault monitoring. 

A higher level SNMP manager is notified of alarm con- 
ditions via SNMP traps. The higher level SNMP manager 
periodically polls the element manager's MIB for the health 
and status of the network. System management personnel at 
the higher level manager are able to view an icon represen- 
tation of the network and its current alarm state. By pointing 
and clicking on the network element icon, systems manage- 
ment personnel execute element management applications 
using a web browser and perform more detailed manage- 
ment fimctions. 

Inside the network, management of the physical and 
logical network elements is performed using a combination 
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of the SNMP protocol and internal management application 
programmiog interfaces. Applications in the element man- 
ager use SNMP or other management APIs to perform 
network management functions. 

Architecturally, the element management system includes 5 
of two distinct sets of functional elements. The first set of 
functional elements, including the configuration data server, 
performance data monitor and health/status monitor and 
network element recovery software, executes on an HA 
server equipped with RAID disks. The second set of func- lo 
tional elements, including the management applications, 
executes on a dedicated, non-HA management system. Even 
if the clement manager system becomes non-operational, the 
network elements continue to be able to run and report 
alarms and even be able to recover from fault conditions. 15 
However, since all the management applications execute in 
the non-HA element manager, if the element manager goes 
down, then recovery actions requiring human intervention 
are not possible until the element manager becomes opera- 
tional. 20 

The wireless bubs (WHs) in the base stations are typically 
owned by a wireless service provider (WSP), and they are 
connected to the WSP's registration server (RS) either via 
point-to-point links, intranets or the Internet. The WSP*s 
registration server is typically a software module executing 25 
on a processor to perform certain registration functions. 
Inter-working function units (IWF units) are typically soft- 
ware modules executing on a processor to perfonn certain 
interfacing functions. IWF units are typically connected to 
the registration servers via intranets/WAN, and the IWF 30 
units are typically owned by the WSP. However, the IWF 
imits need not be located within the same LAN as the 
registration servers. Typically, accounting and directory 
servers (also software modules executing on a processor) are 
connected to the registration servers via a LAN in the service 35 
provider's Data Center (e.g., a center including one or more 
processors that hosts various servers and other software 
modules). Traf&c from the end system is then routed via a 
router (connected to the LAN) to the public Internet or to an 
ISP's intranet. 40 

The registration server located in a foreign WSP's net- 
work is referred to as the foreign registration server (FRS), 
and the registration server located in the end system's home 
network (where the mobile purchases its service) is referred 
to as the home registration server (HRS). The inter-working 45 
function unit in the home network is referred to as the home 
IWF while the inter-working function unit in the foreign 
network (i.e., the network the end system is visiting) is 
referred to as the 'serving IWF. 

For fixed wireless service (i.e., a non-moving end 50 
system), an end system may register for service on the home 
network from the home network (e.g., at home service) or 
from a foreign network (e.g., roaming service). The end 
system receives an advertisement sent by an agent (e.g., an 
agent function implemented in software) in the wireless hub 55 
via the access point. Hiere are both MAC-layer registration 
as well as network-layer registration to be accomplished. 
These may be combined together for eflSciency. 

For end systems at home (FIG, 23), the network layer 
registration is sent (like a local registration) to the home 60 
registration server via the wireless hub to which the end 
system is currently attached. An IWF in the end system's 
home network will become the anchor or home IWF. Hius, 
PPP frames to and from the end system travel via the 
wireless hub to the home IWF in the home network. If the 65 
end system is at home, the home IWF is coimected to the 
wireless hub via an XTunnel protocol. 
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For roaming wireless service (FIG. 24), the foreign reg- 
istration server determines the identity of the home network 
of the roaming end system during the registration phase. 
Using this information, the foreign registration server com- 
municates with the home registration server to authenticate 
and register the end system. The foreign registration server 
then assigns a serving IWF, and an I-XTunnel protocol 
connection is established between the home IWF and the 
serving IWF for the roaming end system. The serving IWF 
relays frames between the wireless hub and the home IWF. 
From the home IWF, data is sent to a PPP server (Le., 
point-to-point protocol server) which may reside in the same 
IWF. However, if the data is to go to a corporate intranet or 
an ISP's intranet that has its own PPP server, the data k sent 
to the separate PPP server via the L2TP protocol. The 
separate server is typically owned and operated by an 
Internet service provider who is different from the wireless 
service provider. For the duration of the session, the loca- 
tions of the home IWF and PPP server remain fixed. The 
MAC layer registration can be combined with the network 
registration to economize on the overhead of separate com- 
munications for MAC layer and network layer registration; 
however, it may be advantageous to not combine these 
registration processes so that the WSP's equipment will be 
interoperable with other wireless networks that supports 
pure IETF Mobile-IP. 

Registration sets up three tables. Table 1 is associated 
with each access point, and Table 1 identifies each connec- 
tion (e.g., each end system) by a connection id (CID) and 
associates the connection id with a particular wireless (WM) 
modem address (i.e., the address of the end system or end 
system). Table 2 is associated with each wireless hub (WH), 
and Table 2 associates each connection id with a correspond- 
ing wireless modem address, access point and XTunnel id 
(XID). Table 3 is associated with each inter-working func- 
tion (IWF), and Table 3 associates each connection id with 
a corresponding wireless modem address, wireless hub 
address, XTunnel id and IP port (IP/port). The entries 
described for these tables are described to include only 
relevant entries that support the discussion of mobility 
management. In reality, there are other important fields that 
need to be included as well. 
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The protocol stacks for dial-up users at home in a network 
as well as roaming users arc illustrated in FIGS. 25-28. FIG. 
25 depicts protocol stacks iised for direct internet access by 
a fixed (i.e., non-moving) end system at home where a PPP 
protocol message terminates in the home IWF (typically 
collocated with the wireless hub) which relays message to 
and from an IP router and from there to the public internet. 
FIG. 26 depicts protocol stacks used for remote intranet 
access (ie., either private corporate nets or an ISP) by a fixed 
(i.e., non-moving) end system at home where a PPP protocol 
message is relayed through the home IWF (typically collo- 
cated with the wireless hub) to a PPP server of the private 
corporate intranet or ISP. FIG. 27 depicts protocol stacks 
used for direct internet access by a roaming but fixed (i.e., 
- non-moving) or a moving end system where the PPP pro- 
tocol terminates in the home IWF (typically located in a 
mobile switching center of the home network) which relays 
message to and from an IP router. In FIG. 27, note how 
message traffic passes through a serving IWF (typically 
collocated with the wireless hub) in addition to the home 
IWF. FIG. 28 depicts protocol stacks used for remote 
intranet access (i.e., either private corporate nets or an ISP) 
by a roaming but fixed (i.e., non-moving) or a moving end 
system where a PPP protocol message is relayed through the 
home IWF (typically located in a mobile switching center of 
the home network) to a PPP server of the private corporate 
intranet or ISP. In FIG. 28, note how message traffic passes 
through a serving IWF (typically collocated with the wire- 
less hub) in addition to the home IWF. When the serving 
IWF and the wireless hub are co-located in the same nest of 
computers or are even programmed into the same computer, 
it is not necessary to establish a tunnel using the XTunnel 
protocol between the serving IWF and the wireless hub. 

Equivalent variations to these protocol stacks (e.g. the 
RLP can be terminated at the wireless hub rather than at the 
serving IWF or home IWF for mobiles at home) are also 
envisioned. If the IWF is located far from the wireless hub, 
and the packets can potentially be carried over a lossy IP 
network between the IWF and wireless hub, then it would be 
preferred to terminate the RLP protocol at the wireless hub. 
Another variation is the Xtuimel between wireless hub and 
IWF need not be built on top of the UDP/IP. Xtunnels can 
be built using the Frame Relay/ATM link layer. However, 
the use of UDP/IP makes it easier to move the wireless hub 
and IWF software from one network to another. 

Four types of handoff scenarios may occur, and they are 
labeled: (i) local mobility, (ii) micro mobility, (iii) macro 
mobility, and (iv) global mobility. In all four scenarios (in 
one embodiment of the invention), a route optimization 
option is not considered so that the locations of the home 
registration server and the ISP*s PPP server do not change. 
In another embodiment of the invention with route 
optimization, the ISP's PPP server may change. However, 
this aspect is discussed below. In addition, the locations of 
the foreign registration server and IWF do not change in the 
first three scenarios. 
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The proposed IETF Mobile IP standard requires that 
whenever an end system changes the IP subnet to which it 
is attached, it sends a registration request message to a home 
agent in its home subnet. This message carries a care-of 

5 address where the end system can be reached in the new 
subnet. When traffic is sent, for example, from an ISP to an 
end system, the home agent intercepts the traffic that is 
bound for the end system as it arrives in the home subnet, 
and then forwards the traffic to the care-of address. The 

10 care-of address identifies a particular foreign agent in the 
foreign subnet. An end system's foreign agent can reside in 
the end system itself, or in a separate node that in turn 
forwards traffic to the end system (i.e., proxy registration 
agent). Mobile IP handoffis involve exchange of control 

15 messages between an end system's agent, the end system's 
home agent and potentially its corresponding hosts (CHs) 
(with route optimization option). 

The proposed IETF Mobile IP standard would find it 
difficult to meet the latency and scalability goals for all 

20 movements in a large internetwork. However, the present 
hierarchical mobility management meets such goals. For 
small movements (e.g. a change of Access Points), only 
MAC-Iayer re-registrations are needed. For larger 
movements, network-layer re-registrations are performed. 

25 The present hierarchical mobility management is different 
from the flat-structure used in the IETF proposed Mobile-IP 
standard as well as the serving/anchor inter-working func- 
tion model used in cellular systems like CDPD (based on a 
standard sponsored by the Cellular Digital Packet Data 

30 forum). 

As depicted in FIG. 29, the local mobility handoff handles 
end system (designated MN for mobile node) movement 
between APs that belong to the same wireless hub. Thus, 
only MAC layer re-registration is required. The end system 

35 receives a wireless hub advertisement from a new AP and 
responds with a registration request addressed to the new AP. 

The new AP (i.e., the one that receives the registration 
request from the end system) creates new entries in its 
connection table and relays the registration message to its 

40 wireless hub. In local mobility handoffs, the wireless hub 
does not change. The wireless hub recognizes the end 
system's registration request as a MAC level registration 
request, and it updates its connection table to reflect the 
connection to the new AP. Then, the old AP deletes the 

45 connection entry from its coimection table. There are at least 
three ways whereby the old AP can delete the old entries, 
namely (i) upon time out, (ii) upon receiving a copy of the 
relayed MAC layer association message from the new AP to 
the wireless hub (if this relay message is a broadcast 

50 message), and (iii) upon being informed by the wireless hub 
of the need to delete the entry. 

As depicted in FIG. 30, the micro mobiUty handoff 
handles end system (designated MN for mobile node) move- 
ment between wireless hubs that belong to the same regis- 

55 tration server and where the end system can still be served 
by the existing serving IWF. When an advertisement is 
received from a new wireless hub (through a new AP),) the 
end system sends a message to request registration to the 
registration server. The registration request is relayed from 

60 the new AP to the new wireless hub to the registration server. 
When the registration server determines that the existing 
IWF can still be used, the registration server sends a build 
XTunnel Request message to request the existing IWF to 
build an XTunnel to the new wireless hub. Later, the 

65 registration server sends a tear down XTunnel request mes- 
sage to request the existing IWF to tear down the existing 
XTunnel with the old wireless hub. The build and tear 
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XTunnel Request messages can be combined into one mes- table and connection table after receiving a message from 

sage. A foreign registration server does not forward the the old wireless hub. 

registration message to the home registration server since The global mobility handoff case handles movement 

there is no change of IWF, either the serving IWF or home between wireless hubs that involves a change of registration 

IWF. 5 servers. FIG. 32 depicts a global mobility handoff where the 

Upon receiving a positive build XTunnel reply and a ^ome IWF does not change, and FIG. 33 depicts a global 

positive tear XTunnel reply from IWF, the registration server mobiUty handoflf where the home IWF changes When an 

sends a registration reply to end system. As the registration advertisement is received from a new wrele^ hub (through 

reply reaches the new wireless hub, the connection table at ^ '^^^ ^)/° ^ new foreign network, the end system sends 

the new wireless hub is updated to reflect the connection to lO fo^^i''^'^'^^ ^e^^ l^fr^fsTra^^^^^^^ ues^i^ 

the newAR The new/J>updates its MAC filter address table ^^[Jf ° fJo^the new AP^^'te new wMess hub S'new 

and connection table after receivmg a message from the new f^^/^ registration server 

wireless hub, and the registration reply is forwarded to the -j^e registration server recognizes that it is a new foreign 

end systein. registration server when the end system does not belong to 

The registration server sends a release message to the old 15 present registration server's network. This foreign reg- 

wireless hub. When the old wireless hub receives the release istration server determines the idenUty of the home regis- 

message, it updates its connection table and the MAC filter tration server by using a request, preferably a Radius Access 

address table and coimection table of the old AP. request (RA request), to the foreign directory server (like a 

As depicted in FIG. 31, the macro mobility handoff case big yellow pages) and then assigns an appropriate IWF to be 

handles movement between wireless hubs that involves a 20 the serving IWF, and it forwards the registration request to 

change of the serving IWF in the foreign network, but it does the home registration server, preferably through a Radius 

not involve a change in the registration server. When an Access request (RA request), informing the home registra- 

advertisement is received from new wireless hub (through a tion server of the newly selected IWF. 

new AP), the end system sends a message to request a The home registration server authenticates the registration 

network layer registration to the registration server. The 25 request by using a request, preferably a Radius Access 

registration request is relayed from the new AP to the new request (RA request), to the home directory server. Upon 

wireless hub to the registration server. . authenUcating the request and determining that the existing 

Hie registration server recognizes that it is a foreign borne IWF can still be used £IG. 32%^^^^ 

.^^i^t^.nZ. „ri,«„ A^^^ K^i server instructs the home IWF to bmld a new I-XTunnel to 

registration server when the end system does not belong to • ttttt^ i • j t. r • 

, - * i \ 1 -ru- f ' the serving IWF newly assigned by the new foreign regis- 

the present registration server s network. This foreign reg- 30 , * tt, u • ♦ / i j 

■ 4 4- J * - -J r u ■ tration server. The home registration server also sends a 

istraUon server determmes the identity of the home regis- ^^-registration message to the old foreign registration server 

traUonseiverbyusingarequest,preferablyaRadiusAccess instructs the home IWF to tear down the existing 

request (RA request), to the foreign du-ectory server (like a j.XTunnel to the existing serving IWF of the old foreign 

big yellow pages) and then assigns an appropriate IWF to be network. Upon receiving a positive build I-X'I\mnel reply 

the serving IWF, and it forwards a registration request to the 35 and a positive tear I-XTunnel reply from the home IWF, the 

home registration server, preferably through a Radius home registration server sends a registration reply to the new 

Access request (RA request), informing the home registra- foreign registration server. 

tion server of the newly selected IWF. The new foreign registration server then instructs the 

The home registration server authenticates the registration newly assigned IWF to build an XTurmel to the new wireless 

request by using a request, preferably a Radius Access 40 hub. Upon receiving a positive build XTunnel reply, the 

request (RA request), to the home directory server. Upon foreign registration server sends a registration reply to end 

authenticating the request and determining that the existing system. As the registration reply reaches the new wireless 

home IWF can still be used, the home registration server hub, the connection table at the new wireless hub is updated 

instructs the home IWF to build a new I-XTunnel to the to reflect the connection to the new AP. The new AP updates 

newly assigned serving IWF and to tear down the existing 45 its MAC filter address table and connection table after 

I-XTunnel to the old serving IWF. Upon receiving a positive receiving a message from the new wireless hub, and the 

build I-XTunnel reply and a positive tear I-XTunnel reply registration reply is forwarded to the end system, 

from the home IWF, the home registration server sends a The old foreign registration server instructs the old IWF 

registration reply to the foreign registration server. to tear down the XTuimel to the old wireless hub. Upon 

The foreign registration server then instructs the newly 50 receiving a positive tear XTXinnel reply or contemporane- 
assigned IWF to build an XTunnel to the new wireless hub. ously with the tear down XT\uinel request, the old foreign 
Upon receiving a positive build XT\mnel reply, the foreign registration server sends a release message to the old wire- 
registration server instructs the old IWF to tear down the less hub. When the old wireless hub receives the release 
XTunnel to the old wfreless hub. Upon receiving a positive message, it updates its connection table and the MAC filter 
build XHmnel reply and a positive tear XTunnel reply, the ss address table, and the old AP updates its MAC filter address 
foreign registration server sends a registration reply to end table and connection table after receiving a message from 
system. the old wireless hub. 

As the registration reply reaches the new wireless hub, the Alternatively, after the home registration server authen- 

connection table at the new wireless hub is updated to reflect ticates the registration request from the new foreign regis- 

the connection to the new AP. The new AP updates its MAC 60 tration server and determines that the existing home IWF 

filter address table and connection table after receiving a cannot be used (FIG. 33), the home registration server 

message from the new wireless hub, and the registration chooses a new home IWF and instructs the new home IWF 

reply is forwarded to the end system. to build a new level 2 tunnel protocol tunnel (L2TP tunnel) 

liie registration server sends a release message to the old to the present PPP server (e.g., the PPP server in a connected 

wireless hub. When the old wireless hub receives the release 65 ISP intranet). Then, the home registration server instructs the 

message, it updates its connection table and the MAC filter old home IWF to transfer its L2TP tunnel traffic to the new 

address table, and the old AP updates its MAC filter address home IWF. 
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Then the home registration server instructs the new home 
IWF to build a new I-XTunncl to the serving IWF newly 
assigned by the new foreign registration server. The home 
registration server also sends a de-registration message to 
the old foreign registration server and instructs the home 5 
IWF to tear down the existing I-XT\innel to the existing 
serving IWF of the old foreign network. Upon receiving a 
positive build I-XTunnel reply and a positive tear I-XTunnel 
reply from the home IWF, the home registration server sends 
a registration reply to the new foreign registration server. 

The new foreign registration server then instructs the 
newly assigned IWF to build an XTunnel to the new wireless 
hub. Upon receiving a positive build XTUnnel reply, the 
foreign registration server sends a registration reply to end 
system. As the registration reply reaches the new wireless 
hub, the connection table at the new wireless hub is updated 
to reflect the connection to the new AP, The new AP updates 
its MAC filter address table and cormection table after 
receiving a message from the new wireless hub, and the 
registration reply is forwarded to the end system. ^ 

The old foreign registration server instructs the old IWF 
to tear down the XTunnel to the old wireless hub. Upon 
receiving a positive tear XTunnel reply or contemporane- 
ously with the tear down XTunnel request, the old foreign . 
registration server sends a release message to the old wire- ^ 
less hub. When the old wireless hub receives the release 
message, it updates its connection table and the MAC filter 
address table, and the old AP updates its MAC filter address 
table and connection table after receiving a message from 
the old wireless hub. 

End systems constructed according to the present inven- 
tion interoperate with networks constructed according to the 
proposed IETF Mobile-IP standards, and end systems con- 
structed according to the proposed IETF Mobile-IP stan- 
dards interoperate wiUi networks constructed according to 
the present invention. 

The main differences between the present invention and 
the IETF Mobile-IP (RFC2002, a standards document) are: 

(i) The present invention uses a hierarchical concept for 
mobility management rather than a flat structure as in 
the proposed IETF Mobile-IP standard. Small mobility 
within a small area does not result in a network level 
registration. Micro mobility involves setting up of a 
new Xtunnel and tearing down of an existing Xtunnel. 
Global mobility, at the minimum, involves setting up of 45 
a new I-XTunnel and tearing down of an existing 
I-Xtunnel apart from the setting up/tearing down of 
XTunnel. Global mobility sometimes also involves 
setting up a new L2TP Tunnel and transferring of L2TP 
state from the existing L2TP Tunnel to the new L2TP 5Q 
Tunnel. 

(ii) In the present invention, a user name plus a realm is 
used to identify a remote dial-up user rather than a fixed 
home address as in the case of the proposed IETF 
Mobile-IP standard. 55 

(iii) In the present invention, registration and routing 
functions are carried out by separate entities. The two 
functions are carried out by the home agent in the 
proposed IETF Mobile IP standard, and both functions 
are carried out by the foreign agent in the proposed eo 
IETF Mobile IP standard. In contrast, in an embodi- 
ment of the present invention, registration is carried out 

in the registration server and routing functions are 
carried out by both the home and foreign IWF and the 
wireless hub (also referred to as the access hub). es 

(iv) The present invention utihzes three tunnels per PPP 
session. The XTunnel is more of a link-layer tunnel 
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between the wireless hub and the serving IWF. The 
I-XTunnel between the serving IWF and the home IWF 
is more Ukc the tunnel between home and foreign 
agents in the proposed IETF Mobile-IP standard. But it 
also has additional capabilities beyond the tunnels 
proposed by the Mobile IP standard. The L2TP tunnel 
is used only when home IWF is not a PPP server. The 
number of these tunnels may be reduced by combining 
some functions in the same nodes as described above. 

(v) In the present invention, wireless registration occurs 
before PPP session starts while in the proposed IETF 
Mobile-IP standard, Mobile-IP registration occurs after 
PPP session enters into the open state. 

(vi) In the present invention, the network entity that 
advertises the agent advertisement (i.e., the wireless 
hub) is not 00 a direct link to the end systems whereas 
for the proposed IETF Mobile-IP standard, the agent 
advertisement must have a TTL of 1 which means that 
the end systems have a direct link with the foreign 
agent. In addition, the agent advertisement in the 
present invention is not an extension to the I CMP router 
advertisements as in the proposed IETF Mobile-IP 
standard. 

End systems in the present invention, sho\ild support 
agent solicitation. W^en an end system in the present 
invention visits a network which is supporting the proposed 
IETF Mobile-IP standard, it waits until it hears an agent 
advertisement. If it does not receive an agent advertisement 
within a reasonable time frame, it broadcasts an agent 
solicitation. 

In the present invention, network operators may negotiate 
with other networks that support the proposed IETF Mobile- 
IP standard such that home addresses can be assigned to the 
end systems of the present invention that wish to use other 
networks. When the end system of the present invention 
receives the agent advertisement, it can determine that the 
network it is visiting is not an a network according to the 
present invention and hence uses the assigned home address 
to register. 

For networks supporting the proposed IETF Mobile-IP 
standard, the PPP session starts before Mobile-IP 
registration, and the PPP server is assumed to be coUocated 
with the foreign agent in such networks. In one embodiment, 
an SNAP header is used to encapsulate PPP frames in the 
MAC frames of the present invention (in a manner similar 
to Ethernet format), and the foreign agent interprets this 
formal as a proprietary PPP format over Ethernet encapsu- 
lation. Thus, the end system of the present invention and its 
PPP peer can enter into an open state before the foreign 
agent starts transmitting an agent advertisement, and the end 
system of the present invention can register. 

To allow end systems supporting the proposed IETF 
Mobile-IP standard to work in networks of the type of the 
present invention, such mobiles are at least capable of 
performing similar MAC layer registrations. By making the 
agent advertisement message format similar to the proposed 
Mobile-IP standard agent advertisement message format, a 
visiting end system can interpret the agent advertisement 
and register with a wireless hub. In the present invention, 
registration request and reply messages are similar to the 
proposed IETF Mobile-IP standard registration request and 
reply messages (without any unnecessary extensions) so that 
the rest of the mobility management features of the present 
invention are transparent to the visiting end systems. 

Since end systems supporting the proposed IETF Mobile- 
IP standard expect a PPP session to start before Mobile-IP 
registration, an optional feature in wireless hubs of the 
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present invention starts to interpret PPP LCP, NCP packets billing information is shared. Accounting and billing infor- 

aftcr MAC-Iayer registrations. matioo exchange may be implemented using standards such 

To avoid losing traffic during handofk, the mobility as the standard proposed by the ROAMOPS working group 

management of the present invention uses the make before of the IETF. 

break concept. For local mobility, a make before break 5 However, the serving IWF must still discover the closest 

connection is achieved by turning the MAC-laycr re gistra- PPP server (e.g., the Hong Kong ISP). In the present 

tion message relayed by the new AP to the wireless hub into embodiment, the foreign registration server leams of the end 

a broadcast message. That way, the old AP can hear about system's desire to connect to a PPP server (e.g., a Hong 

the new registration and forward packets destined for the Kong ISP) when it receives a registration request from the 

end system that have not been transmitted to the new AP. lO end system. When the foreign registration server determines 

For micro mobility, information about the new wireless that the serving IWF is closer to the desired PPP server (e.g., 

hub is included in the Tear XTuoncl message exchanged the Hong Kong ISP) than the home IWF is, the foreign 

between the serving IWF and the old WH. That way, the old registration server instructs the serving IWF to establish an 

wireless hub can forward buffered packets to the new L2TP tunnel to its nearest PPP server (in contrast to the PPP 

wireless hub upon hearing a TearXTunnel message from the 15 server closest to the home registration server and home 

serving IWF. Alternatively, the RLP layer at the IWF knows IWF). Then, the foreign registration server informs the home 

the sequence number that has been acknowledged by the old registration server that the end system is being served by the 

wireless hub so far. serving IWF and the foreign PPP. 

At the same time, the IWF knows the current send In an alternative embodiment, the foreign registration 

sequence number of the latest packet sent to the old wireless 20 server detcrmiDcs that the serving IWF is closer to the 

hub. Therefore, the IWF can forward those packets that are desired PPP server (e.g., the Hong Kong ISP) than the home 

ordered in between these two numbers to the new wireless IWF is, when it receives a registration request from the end 

hub before sending newer packets to the new wireless hub. system. The foreign registration server relays the registra- 

The RLP layer is assumed to be able to filter duplicate tion request message to the home registration server with an 

packet. The second approach is probably preferable to the 25 attached message indicating the serving IWF information 

first approach for the old wireless hub may not be able to and a notification that route optimization is preferred. At the 

communicate with one another directly. same time, the foreign registration server instructs the serv- 

For macro mobifity, the old serving IWF can forward ing IWF to establish an L2TP tunnel to the PPP server. Upon 

packets to the new serving IWF, in addition to the packet approving the registration request, the home registration 

forwarding done from the old wireless hub to the new 30 server instructs the home IWF to transfer the L2TP state to 

wireless. All we need to do is to forward the new serving the foreign IWF. 

IWF identity to the new serving IWF in the tear down In FIG. 34, data frames are initially communicated 

I-XTunnel message. Another way to achieve the same result between the first mobile end system and the first access hub 

is to let the home IWF forward the missing packets to the through the first access point Then, a registration request is 

new serving IWF rather than asking the old serving IWF to 35 sent from the first mobile end system through the second 

do the job since the home IWF knows the I-XTunnel access point to the first access hub to re-register the first 

sequence number last acknowledged by the old serving IWF mobile end system with the first access hub without inform- 

and the current I-XT\mnel sequence number sent by the ing the first registration server when the first mobile end 

home IWF. system moves and re-registers through the second access 

The method of estimating how much buffer should be 40 point. Finally, the second access point is finked with the first 

allocated per mobile per AP per wireless hub per IWF such access hub when the first mobile end system re-registers 

that the traffic loss between handoflfs can be minimized is to through the second access point, and the first access point is 

let the end system for the AP for the wireless hub for the IWF de-linked from the first access hub when the second access 

estimate the packet arrival rate and the handoff time. This point is finked with the first access hub. 

information is passed to the old AP of the wireless hub of the 45 In FIG. 35, data frames are initially communicated 

IWF to determine how much traffic should be transferred to between the first mobile end system and the first inter- 

the new AP of the wireless hub of the IWF, respectively, working function through the first access hub. Then, a 

upon handofis. registration request is sent from the first mobile end system 

To achieve route optimization in the present invention, the through a first access point and through the second access 

end system chooses the PPP server closest to the serving 50 hub to the first registration server to re-register the first 

IWF. Without route optimization, excessive transport delays mobile end system with the first registration server without 

and physical line usage may be experienced. informing the home registration server when the first mobile 

For example, an end system subscribed to a home network end system moves and re-registers through the second 

in New York City may roam to Hong Kong. To establish a access hub. Finally, the second access hub is finked with the 

fink to a Hong Kong ISP, the end system would have a 55 first inter-working funcfion when the first mobile end system 

serving IWF established in a wireless hub in Hong Kong and re-registers through the second access hub, and the first 

a home IWF estabUshed in the home network in New York access hub is de-finked from the first inter-working function 

City. A message would then be routed from the end system after the second access hub is linked with the first inter- 

(roamed to Hong Kong) through the serving IWF (in Hong working function. 

Kong) and through the home IWF (in New York City) and 60 In FIG. 36, data frames are initially communicated 

back to the Hong Kong ISP. between the first mobile end system and the third inter- 

A preferred approach is to connect fi^om the serving IWF working function through the first inter-working function, 

(in Hong Kong) directiy to the Hong Kong ISP. The serving and data fi-ames are iiutially communicated between the 

IWF acts like the home IWF. In this embodiment, roaming third inter-working function and the first communications 

agreements exist between the home and foreign wireless 65 server. Then, a registration request is sent fi"om the first 

providers. In addition, the various accounting/billing sys- mobile end system through a first access point and through 

terns communicate with one another automatically such that the first access hub and through the first registration server 
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to the home registration server to re-register the first mobile 
end system with the home registration server without 
de-hoking the third inter- working function from the first 
communicatbns server when the first mobile end system 
moves and re-registers through the first access hub. The step 
of sending the registration request from the first registration 
server to the home registration server sends an indication of 
a change from the first inter-working function to the second 
inter-working function. Finally, the second inter-working 
function is linked with the third inter- working function when 
the first mobile end system re-registers through the first 
access hub, and the first inter-working function is dc-hnked 
from the third inter-working function after the second inter- 
working function is linked with the third inter-working 
function. 

In FIG. 37, data frames are initially communicated 
between a first mobile end system and the third inter- 
working function through the first inter-working function, 
and data frames are initially communicated between the 
third inter-working function and the first communications 
server. Then, a registration request is sent from the first 
mobile end system through a first access point and through 
the first access hub and through the second registration 
server to the home registration server to re-register the first 
mobile end system with the home registration server without 
de-hnking the third inter-working function from the first 
communications server when the first mobile end system 
moves and re -registers through the first access hub. Finally, 
the third inter-working function is linked with the second 
inter-working function when the first mobile end system 
re-registers through the first access hub, and the third 
inter-working function is de-Unked from the first inter- 
working function after the third inter-working function is 
finked with the second inter-working function. 

In FIG. 38, data frames are initially conununicated 
between a first mobile end system and the third inter- 
working function through the first inter-working function, 
and data fi"ames are initially communicated between the 
third inter-working function and the first communications 
server. Then, a registration request is sent from the first 
mobile end system through a first access point and through 
the first access hub and through the second registration 
server to the home regisu^ation server to re-register the first 
mobile end system with the home registration server when 
the first mobile end system moves and re-registers through 
the first access hub. Finally, the fourth inter-working func- 
tion is linked with the second inter-working function when 
the first mobile end system re-registers through the first 
access hub, the fourth inter-working function is linked with 
the first communications server, the third inter-working 
function is de-linked from the first commimications server 
when the fourth inter-working function is linked with the 
first communications server, and the third inter-working 
function is de-linked from the first inter-working function 
after the fourth inter-working function is linked with the 
second inter-working function. 

The wireless data network include a home mobility 
switching center, a foreign mobility switching center, a base 
station and an end user. The home mobility switching center 
includes a home registration server and a home inter- 
working funcfion. The foreign mobility switching center 
includes a serving registration server and a serving inter- 
working function. The base station includes a proxy regis- 
tration agent. The end user modem includes a user registra- 
tion agent. The user registration agent is coupled to the 
proxy registration agent, the proxy registration agent is 
coupled to the serving registration server, and the serving 
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registration server is coupled to the home registration server. 
The proxy registration agent includes a module to send an 
advertisement containing a carc-of-address when the proxy 
registration agent receives a solicitation from the user reg- 

5 Lstration agent, and the user registration agent includes a 
module to incorporate user identity information and the 
care-of-address in a registration request when the user 
registration agent receives the advertizement and a module 
to send this registration request to the proxy registration 

10 agent. The proxy registration agent includes a module to 
forward to the serving registration server any registration 
request received from any user. The serving registration 
server includes a foreign directory Module to determine a 
home registration server address, a module to encapsulate 

15 the registration request and incorporate serving registration 
server identity information and the encapsulated registration 
request in a radius access request when the home registration 
server address is determined, and a module to send the 
radius access request to the home registration server. The 

20 home registration server includes a home directory module 
to authenticate the serving registration server identity 
information, a module to form an inter-working function 
request from the radius access request when the serving 
registration server identity information is authenticated, and 

25 a module to send the inter-working request to the home 
inter-working function. 

Having described preferred embodiments of a novel net- 
work architecture with wireless end users able to roam 
(which are intended to be illustrative and not limiting), it is 

30 noted that modifications and variations can be made by 
persons skilled in the art in light of the above teachings. For 
example, connection links described herein may make ref- 
erence to known connection protocols (e.g., IP, TCP/IP, 
L2TP, IEEE 802.3, etc.); however, the invention contem- 

35 plates other connection protocols in the connections links 
that provide the same or similar data defivery capabiUties. 
Acting agents in the above described embodiments may be 
in the form of software controlled processors or may be 
other form of controls (e.g., programmable logic arrays, 

40 etc.). Acting agents may be grouped as described above or 
grouped otherwise in keeping with the cormection teachings 
described herein and subject to security and authentication 
teachings as described herein. Furthermore, a single access 
point, access hub (i.e., wireless hub) or inter-working func- 

45 tion imit (IWF unit) may provide multi-channel capability. 
Thus, a single access point or access hub or IWF unit may 
act on traffic from multiple end systems, and what is 
described herein as separate access points, access hubs or 
IWF units contemplates equivalence with a single multi- 

50 channel access point, access hub or IWF unit. It is therefore 
to be understood that changes may be made in the particular 
embodiments of the invention disclosed which are within the 
scope and spirit of the invention as defined by the appended 
claims. 

55 Having thus described the invention with the details and 
particularity required by the patent laws, what is claimed and 
desired protected by letters patent is set forth in the 
appended claims: 
What is claimed is: 
60 1. A communications system comprising: 

a network that includes a first registration server and first 
and second access points and a first access hub, the 
network initially communicating data frames between a 
first mobile end system and the first access hub through 
65 the first access point; 

wherein the first access hub includes a first module to 
re-register the first mobile end system with the first 
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access hub without informing the first registration 
server when a registration request is received from the 
first mobile end system through the second access 
point; 

wherein the first access hub further includes a second 5 
module to link the second access point with the first 
access hub when the mobile end system re-registers 
through the second access point; and 

wherein the first access hub further includes a third 
module to de-link the first access point from the first 10 
access hub when the second access point is linked with 
the first access hub. 

2. A communications system comprising: 

a network that includes a first registration server and first 
and second access points and a first access hub, the 15 
network initially communicating data frames between a 
first mobile end system and the first access hub through 
the first access point; 

wherein the first access hub includes a first module to 
re -register the first mobile end system with the first 20 
access hub without informing the first registration 
server when a registration request is received from the 
first mobile end system through the second access 
point; 

wherein the first access hub further includes a second 25 
module to link the second access point with the first 
access hub when the mobile end system re -registers 
through the second access point; 

wherein the first access hub further includes a third 
module to de-link the first access point from the first 
access hub when the second access point is finked with 
the first access hub, 

wherein the network is regarded as a foreign network and 
the foreign network further includes second and third 
access hubs and a first inter-working function, the 
foreign network initially communicating data frames 
between a second mobile end system and the first 
inter-working function through the second access hub; 

a home network includes a home registration server; ^ 

the first registration server includes a first modtile to 
re-register the second mobile end system with the first 
registration server without informing the home regis- 
tration server when a registration request is received 
from the second mobile end system through a third 
access point and through the third access hub; and 

the fist registration server further includes a second mod- 
ule to command the third access hub to be linked with 
the first inter- working function when the second mobile 
end system re-registers through the third access hub; 
and the first registration server further includes a third 
module to command the second access hub to be 
de-linked from the first inter-working function after the 
third access hub is Unked with the first inter-working 
function. 

3. The system of clams 2, wherein: 

the foreign network further includes a fourth access hub 
and second and third inter-working functions; 

the home network further includes a fourth inter-working 
function, the foreign network initially communicating eo 
data frames between a third mobile end system and the 
fourth inter-working function through the second inter- 
working function, the home network initially commu- 
nicating data frames between the fourth inter-working 
function and a first commtmications server; 55 

the home registration server includes a first module to 
re-regtster the third mobile end system with the home 
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registration server without de-linking the fourth inter- 
working function from the first communications server 
when a registration request is received from the third 
mobile and system through a fourth access point and 
through the fourth access hub and through the first 
registration server, the first module recognizing an 
indication in the registration request of a change from 
the second inter-working function to the third inter- 
working function; 

the home registration server further includes a second 
module to command the fourth inter-working function 
to be linked with the third inter-working function when 
the third mobile end system re-registers through the 
fourth access hub; and 

the home registration server further includes a third 
module to command the fourth inter-working function 
to be de-linked from the second inter-working function 
after the third inter-working function is linked with the 
fourth inter-working function. 

4. The system of claim 3, wherein: 

the foreign network is regarded as a first foreign network 

and the first foreign network further includes a fifth 

inter-working function; 
a second foreign network includes a second registration 

server and a fifth access hub and a sixth inter-working 

function; 

the home network further includes a seventh inter- 
working function, the first foreign network initially 
communicating data frames between a fourth mobile 
end system and the seventh inter-working function 
through the fifth inter-working function, the home 
network initially communicating data frames between 
the seventh inter-working function and a second com- 
munications server; 

the home registration server further includes a fourth 
module to re -register the fourth mobile end system with 
the home registration server without de-linking the 
seventh inter-working function from the second com- 
munications server when a registration request is 
received from the fourth mobile end system through a 
fifth access point and through the fifth access hub and 
through the second registration server to the home 
registration server; 

the home registration server further includes a fifth mod- 
ule to command the seventh inter-working function to 
be linked with the sixth inter-working function when 
the fourth mobile end system re-registers through the 
fifth access hub; and 

the home registration server further includes a sixth 
module to command the seventh inter-working func- 
tion to be de-linked from the fifth inter-working func- 
tion after the sixth inter-working function is linked with 
the seventh inter-working function. 

5. The system of claim 3, wherein: 

the foreign network is regarded as a first foreign network 

and the first foreign network further includes a fifth 

inter-working function; 
a second foreign network includes a second registration 

server and a fifth access hub and a sixth inter-working 

function; 

the home network further includes seventh and eighth 
inter-working functions, the first foreign network ini- 
tially communicating data frames between a fourth 
mobile end system and seventh inter-working function 
through the fifth inter-working function, the home 
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network initially communicating data frames between 
the seventh inter- working function and a second com- 
munications server; 

the home registration server further includes a fourth 
module to re-register the fourth mobile end system with ^ 
the home registration server when a registration request 
is received from the fourth mobile end system through 
a fifth access point and through the fifth access hub and 
through the second registration server to the home 
registration server; 

the home registration server further includes a fifth mod- 
ule to command the eighth inter- working function to be 
linked with the sixth intcr-working function when the 
fourth mobile end system re-registers through the fifth 
access hub; 

the home registration server further includes a sixth 
module to command the eighth inter-working function 
to be linked with the second communications server; 

the home registration server further includes a seventh ^ 
module to command the seventh inter-working func- 
tion to be de-linked from the second communications 
server; and 

the home registration server further includes an eighth 
module to command the seventh inter-working func- 25 
tion to be de-linked from the fifth inter-working func- 
tion after the eighth inter-working function is linked 
with the sixth inter-working function. 

6. A communications system comprising: 

a foreign network that includes a first registration server 30 
and first and second access hubs and a first inter- 
working function, the foreign network initially com- 
municating data firames between a first mobile end 
system and the first inter-working function through the 
first access hub; 35 

a home network that includes a home registration server; 

wherein the first registration server includes a first module 
to re-register the first mobile end system with the first 
registration server without informing the home regis- 
tration server when a registration request is received ^ 
firom the first mobile end system through a first access 
point and through the second access hub to the first 
registration server, 

wherein the first registration server further includes a 
second module to command the second access hub to 
be linked with the first inter-working function when the 
first mobile end system re-registers through the second 
access hub; and 

wherein the first registration server further includes a third 
module to command the first access hub to be de-linked 
from the first inter-working function after the second 
access hub is linked with the first inter-woridng func- 
tion. 

7. A communications system comprising 

a foreign network that includes a first registration server 
and first and second access hubs and a first inter- 
working function, the foreign network initially com- 
munications data frames between a first mobile end 
system and the first inter-working function through the 
first access hub; 

a home network that includes a home registration server; 

wherein the first registration server includes a first module 
to re-register the first mobile end system with the first 
registration server without informing the home regis- 65 
tration saver when a registration request is received 
from the first mobile end system through a first access 
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point and through the second access hub to the first 
registration server; 

wherein the first registration server further includes a 
second module to command the second access hub to 
be linked with the first inter-working fimction when the 
first mobile end system re-registers through the second 
access hub; and wherein the first registration server 
further includes a third module to command the first 
access hub to be de-linked from the first inter-working 

. function after the second access hub is linked with the 
first inter-working function; 

wherein the foreign network further includes a third 
access hub and second and third inter-working func- 
tions; 

the home network further includes a fourth inter-working 
function, the foreign network initially communicating 
data frames between a second mobile end system and 
the fourth inter-woridng function through the second 
inter-working function, the home network initially 
communicating data firames between the fourth inter- 
working fimction and a first communications server; 

the home registration server includes a first module to 
re-register the second mobile end system with the home 
registration server without de-linking the fourth inter- 
working function from the first communications server 
when a registration request is received from the second 
mobile and system through a second access point and 
through the third access hub and through the first 
registration server to the home registration server, the 
first module recognizing an indication in the registra- 
tion request of a change from the second inter-working 
function to the third inter-working function; 

the home registration server further includes a second 
module to command the third inter- working function to 
be linked with the fourth inter-working function when 
the second mobile end system re-registers through the 
third access hub; and 

the home registration server further includes a third 
module to command the second inter-working function 
to be de-linked from the fourth inter-working function 
after the third inter-working function is finked with the 
fourth inter- working function. 

8. The system of claim 7, wherein: 

the foreign network is regarded as a first foreign network 
and the first foreign network further includes a fifth 
inter-working function, 

a second foreign network includes a second registration 
server and a fourth access hub and a sixth inter-working 
function; 

the home network further includes a seventh inter- 
working function, the first foreign network initially 
communicating data frames between a thud mobile end 
system and the seventh inter-working function through 
the fifth inter-working function, the home network 
initially communicating data frames between the sev- 
enth inter-working function and a second communica- 
tions server; 

the home registration server further includes a fomth 
module to re-register the third mobile and system with 
the home registration server without de-linking the 
seventh inter-working function from the second com- 
munications server when a registration request is 
received from the third mobile end system through a 
third access point and through the fourth access hub 
and through the second registration server to the home 
registration server; 
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the home registration server further includes a fifth mod- 
ule to command the sixth inter-working function to be 
linked with the seventh inter-working function when 
the third mobile end system re- registers through the 
fourth access hub; and 5 

the home registration server further includes a sixth 
module to command the fifth inter-working function to 
be de-linked from the seventh inter-working function 
after the sixth inter-working function is linked with the 
seventh inter-working function. 

9. The system of claim 7, wherein: 

the foreign network is regarded as a first foreign network 

and the first foreign network further includes a fifth 

inter-working function; 
a second foreign network incliides a second registration 

saver and a fourth access hub and a sixth inter-working 

function; 

the home network further includes seventh and eighth 
inter-working functions, the first foreign network ini- 20 
tially communicating data frames between a third 
mobile end system and seventh inter-working function 
through the fifth inter-working function, the home 
network initially communicating data frames between 
the seventh inter-working function and a second com- 25 
munications server; 

the home registration server further includes a fourth 
module to re-register the third mobile end system with 
the home registration server when a registration request 
is received from the third mobile end system through a 30 
third access point and through the fourth access hub 
and through the second registration server to the home 
registration server, 

the home registration server further includes a fifth mod- 
ule to command the eighth inter-working function to be 35 
linked with the sixth inter-working function when the 
third mobile end system re-registers through the fourth 
access hub; 

the home registration server further includes a sixth 
module to command she eighth inter-working function ^ 
to be linked with the second communications server; 

the home registration server further includes a seventh 
module to command the seventh inter-working func- 
tion to be de-linked from the second communications 
server, and 

the home registration server further includes an eighth 
module to command the seventh inter- working func- 
tion to be de-linked from the fifth inter- working func- 
tion after the eighth inter-working function is linked 
with the sixth inter-working function. 

10. A communications system comprising: 

a foreign network that includes a first registration server 
and a first access hub and first and second inter- working 
functions; 

a home network that include a home registration server 
and a third intcr-working function, the foreign network 
initially communicating data frames between a first 
mobile end system and the third inter-working function 
through the first inter-working function, the home net- 50 
work initially communicating data frames between the 
third inter-working function and the first communica- 
tions server; 

wherein the home registration server includes a first 
module to re-register the first mobile end system with 65 
the home registration server without de-linking the 
third inter- working function from the first communica- 
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tions server when a registration request is received 
fi'om the first mobile end system through a first access 
point and through the first access hub and through the 
first registration server to the home registration server, 
the first module recognizing an indication in the reg- 
istration request of a change from the first inter- 
working function to the second inter- working function; 

wherein the home registration server further includes a 
second module to conmaand the second inter-working 
function to be linked with the third inter-working 
function when the first mobile end system re-registers 
through the first access hub; and 

wherein the home registration server further includes a 
third module to command the first inter- working func- 
tion to be de-linked from the third inter-working func- 
tion after the second inter- working function is linked 
with the third inter-working function. 

11. A communications system comprising: 

a foreign network that includes a first registration server 
and a first access hub and first and second inter-working 
functions; 

a home network that include a home registration server 
and a third inter-working function, be foreign network 
initially communicating data frames between a first 
mobile end system and the third inter-working function 
through the first inter-working function, the home net- 
work initially communicating data frames between the 
third inter-working function and the first communica- 
tions server; 

wherein the home registration server includes a first 
module to re-register the first mobile end system with 
the home registration server without de-Linking the 
third inter-working function from the first communica- 
tions server when a registration request is received 
from the first mobile end system through a first access 
point and through the first access hub and through the 
first registration server to the home registration server, 
the first module recognizing an indication in the reg- 
istration request of a change from the first inter- 
working function to the second inter-working function; 

wherein the home registration server further includes a 
second module to command the second inter- working 
function to be linked with the third inter-working 
function when the first mobile end system re-registers 
through the first access hub; 

wherein the home registration server further includes a 
third module to command the first inter-working frinc- 
tion to be de -linked from the third inter- working func- 
tion after the second inter-working function is linked 
with the third inter-working function; 

wherein the foreign network is regarded as a first foreign 
network and the first foreign network further includes 
fourth intcr-working frmction; 

a second foreign network includes a second registration 
. server and a second access hub and a fifth inter-working 
function; 

the home network further includes a sixth inter-working 
function, the first foreign network initially communi- 
cating data frames between a second mobile end system 
and the sixth inter-working function through the fourth 
inter-working frinction, the home network initially 
communicating data frames between the sixth inter- 
working function and a second communications server; 

the home registration server further includes a fourth 
module to re-register the second mobile end system 



03/18/2004, EAST Version: 1.4.1 



us 6,665,718 Bl 



55 



56 



with the home registration server without de-hnkiQg the 
sixth inter-working function from the second commu- 
nications server when a registration request is received 
from the second mobile end system through a second 
access point and through the second access hub and 
through the second registration server to the home 
registration server; 

the home registration server further includes a fifth mod- 
ule to command the fifth inter-working function to be 
Unked with the sixth inter-working function when the 
second mobile end system re-registers through the 
second access hub; and 

the home registration server further includes a sixth 
module to command the fourth inter-working function 
to be de-linked from the sixth inter-working function 
after the fifth inter-working function is linked with the 
sixth inter-working function. 

12. The system of claim 11, wherein: 

the foreign network is regarded as a first foreign network 

and the first foreign network further includes a fourth 

inter-working function; 
a second foreign network includes a second registration 

server and a second access hub and a fifth inter-working 

function; 

the home network further includes sixth and seventh 
inter-working functions, the first foreign network ini- 
tially communicating data frames between a second 
mobile end system and the sixth inter-working function 
through the fourth inter-working function, the home 
network initially communicating data frames between 
the sixth inter-working function and a second commu- 
nications server; 

the home registration server further includes a fourth 
module to re-register the second mobile end system 
with the home registration server when a registration 
request is received from the second mobile end system 
through a second access point and Through the second 
access hub and through the second registration server to 
the home registration server, 

the home registration server further includes a fifth mod- 
ule to command the fifth inter-working function to be 
finked with the seventh inter-working function when 
the second mobile end system re-registers through the 
second access hub; 

the home registration server further includes a sixth 
module to command the seventh inter-working func- 
tion to be linked with the second communications 
server; 

the home registration server further includes a seventh 
module to command the sixth inter-working function to 
be de-linked fi-om the secood communications server; 
and 

the home registration server further includes an eighth 
module to command the sixth inter-working function to 
be de-linked from the fourth inter-working function 
after the seventh inter-working function is linked with 
the fifth inter-working function. 

13. A commxmications system comprising: 

a first foreign network that includes a first registration 
server and a first inter-working function; 

a second foreign network that includes a second registra- 
tion server and a first access hub and a second inter- 
working function; 

a home network that includes a home registration server 
and a third inter-working function, the first foreign 
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network initially communicating data frames between a 
first mobile end system and the third inter-working 
function through the first inter-working function, the 
home network initially communicating data frames 
between the third inter-working fiinction and the first 
communications server; 
wherein the home regjstratation server includes a first 
module to re-register the first mobile end system with 
the home registration server without de-linking the 
third inter-working function from the first communica- 
tions server when a registration request is received 
from the first mobile end system through a first access 
point and through the first access hub and through the 
second registration server to the home registration 
server; 

wherein the home registratation server further includes a 
second module to command the third inter-worldng 
function to be linked with the second inter-working 
function when the first mobile end system re-registers 
through the first access hub; and 

wherein the home registratation server further includes a 
third module to command the third inter-working func- 
tion to be de-linked from the first inter-working func- 
tion after the third inter-working function is finked with 
the second inter-working function. 

14. A communications system comprising: 

a first foreign network that includes a first registration 
server and a first inter-working function; 

a second foreign network that includes a second registra- 
tion server and a first access hub and a second inter- 
working fimction; 

a home network that includes a home registration server 
and third and fourth inter-working functions, the first 
foreign network initially communicating data frames 
between a first mobile end system and the third inter- 
working function through the first inter-working 
function, the home network initially communicating 
data frames between the third inter-working function 
and the first communications server; 

wherein the home registratation server includes a first 
module to re-register the first mobile end system with 
the home registration server when a registration request 
is received from the first mobile end system through a 
first access point and through the first access hub and 
through the second registration server to the home 
registration server; 

wherein the home registratation server further includes a 
second module to command the fourth inter-working 
function to be linked with the second inter-working 
function when the first mobile end system re-registers 
through the first access hub; 

wherein the home registratation server further includes a 
third module to command the fourth inter-working 
function to be finked with the first communications 
server; 

wherein the home registratation server further includes a 
fourth module to command the third inter-working 
function to be de-linked from the first communications 
server when the fourth inter-working fimction is linked 
with the first communications server; and 

wherein the home registratation server further includes a 
fifth module to command the third inter-working func- 
tion to be de-linked from the first inter-working func- 
tion after the fourth inter-working function is linked 
with the second inter-working function. 
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15. Id a network that includes a first registration server 
and first and second access points and a first access hub, a 
method of handing off a connection of a first mobile end 
system with the first access hub, the method comprising 
steps of: 

initially communicating data frames between the first 
mobile end system and the first access hub through the 
first access point; 

sending a registration request from the first mobile end 
system through the second access point to the first 
access hub to re-register the first mobile end system 
with the first access hub without informing the first 
registration server when the first mobile end system 
moves and re-registers through the second access point; 

linking the second access point with the first access hub 
when the first mobile end system re-registers through 
the second access point; and 

de-linking the first access point from the first access hub 
when the second access point is linked with the first 
access hub. 

16. Id a network that includes a first registration server 
and first and second access points and a first access hub, a 
method of handing off a connection of a first mobile end 
system with the first access hub, the method comprising 
steps of: 

initially commnnicating data frames between the first 
mobile end system and the first access hub through the 
first access point; 

sending a registration request from the first mobile end 
system through the second access point to the first 
access hub to re-register the first mobile and system 
with the first access hub without informing the first 
registration server when the first mobile end system 
moves and re-registers through the second access point; 

linking the second access point with the first access hub 
when the first mobile end system re-registers through 
the second access point; 

de-linking the first access point from the first access hub 
when the second access point is linked with the first 
access hub; 

wherein the network is regarded as a foreign network and 
the foreign network further includes second and third 
access hubs and a first inter-working function; 

a home network includes a home registration server; 

the method further includes a step of initially communi- 
cating data frames between a second mobile end system 
and the first inter-working function through the second 
access hub; 

the method further includes a step of sending a registra- 
tion request fi-om the second mobile end system 
through a third access point and through the third 
access hub to the first registration server to re-register 
the second mobile end system with the first registration 
server without informing the home registration server 
when the second mobile and system moves and 
re -registers through the third access hub; 

the method further includes a step of linking the third 
access hub with the first inter-working function when 
the second mobile end system re-registers through the 
third access hub; and 

the method further includes a step of de-linking the 
second access hub from the first inter-working function 
after the third access hub is linked with the first 
inter-working function. 
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17. The method of claim 16 wherein: 

the foreign network further includes a fourth access hub 
and second and third inter-working functions; 

the home network further includes a fourth inter-working 
function; 

the method further includes a step of initially communi- 
cating data frames between a third mobile end system 
and the fourth inter-working function through the sec- 
ond inter-working function; 

the method further includes a step of initially communi- 
cating data frames between the fourth inter-working 
function and a first communications server; 

the method further includes a step of sending a registra- 
tion request from the third mobile end system through 
a fourth access point and through the fourth access hub 
and through the first registration server to the home 
registration server to re -register the third mobile end 
system with the home registration server without 
dc -linking the fourth inter-working function from the 
first communications server when the third mobQe end 
system moves and re-registers, through the fourth 
access hub, the step of sending the registration request 
from the first registration server to the home registra- 
tion server including a sub-step of sending in indication 
of a change from the second inter-working function to 
the third inter-working function; 

the method further includes a stop of linking the third 
inter-working function with the fourth inter-working 
function when the third mobile end system re-registers 
through the fourth access hub; and 

the method further includes a stop of de-Unking the 
second inter-working function from the fourth inter- 
working function after the third inter-working function 
is linked with the fourth inter-working fiinction. 

18. The method of claim 17, wherein; 

the foreign network is regarded as a first foreign network 

and the first foreign network further includes a fifth 

inter-working function; 
a second foreign network includes a second registration 

server and a fifth access hub and a sixth inter-working 

function; 

the home network further includes a seventh inter- 
working function; 

the method further includes a step of initially communi- 
cating data frames between a fourth mobile end system 
and the seventh inter-working fimction through the fifth 
inter-working function; 

the method fiirther includes a step of initially communi- 
cating data frames between the seventh inter-working 
function and a second communications server; 

the method further includes a step of sending a registra- 
tion request from the fourth mobile end system through 
a fifth access point and through the fifth access hub and 
through the second registration server to the home 
registration server to re -register the fourth mobile end 
system with the home registration server without 
de-linking the seventh inter-working function from the 
second communications server when the fourth mobile 
end system moves and re-registers through the fifth 
access hub; 

the method further includes a step of linking the sixth 
inter-working function with the seventh inter-working 
function when the fourth mobile end system 
re-registers through the fifth access hub; and 

the method further includes a step of de-linking the fifth 
inter-working function from the seventh inter-working 
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function after the sixth inter-working function is linked 
with the seventh inter-working function. 

19. The method of claim 17, wherein: 

the foreign network is regarded as a first foreign network 

and the first foreign network further includes a fifth 

inter-working function; 
a second foreign network includes a second registration 

server and a fifth access hub and a sixth inter-working 

function; 

the home network further includes seventh and eighth 
inler-working functions; 

the method further includes a stop of initially communi- 
cating data frames between a fourth mobile end system 
and seventh inter-working function through the fifth 
inter-working function; 

the method further includes a step of initially communi- 
cating data frames between the seventh inter-working 
function and a second communications server; 

the method further includes a step of sending a registra- 
tion request from the fourth mobile end system through 
a fifth access point and through the fifth access hub and 
through the second registration server to the home 
registration server to re -register the fourth mobile end 
system with the home registration server when the 
fourth mobile end system moves and re-registers 
through the fifth access hub; 

the method further includes a step of linking the eighth 
inter-working function with the sixth inter-working 
function when the fourth mobile end system 
re -registers through the fifth access hub, the method 
further includes a step of linking the eighth inter- 
working function with the sccoud communications 
saver; 

the method further includes a step of de-linking the 
seventh inter-working function from the second com- 
munications server; and 

the method further includes a step of de-linking the 
seventh inter-working function from the fifth inter- 
working function after the eighth inter-working func- 
tion is linked with the sixth inter-working function, 

20. In a home network with a home registration server and 
a foreign network that includes a first registration server and 
first and second access hubs and a first inter-working 
function, a method of handing off a connection of a first 
mobile end system with the first inter-working function, the 
method comprising steps of: 

initially communicating data frames between the first 
mobile end system and the first inter-working function 
through the first access hub; 

sending a registration request from the first mobile end 
system through a first access point and through the 
second access hub to the first registration server to 
re-register the first mobile end system with the first 
registration server without informing the home regis- 
tration server when the first mobile end system moves 
and re-registers through the second access hub; 

linking the second access hub with the first inter- working 
function when the first mobile end system re-registers 
through the second access hub; and 

de-linking the first access hub firom the first inter- working 
function after the second access hub is finked with the 
first inter-working function. 

21. In a home network with a home registration server and 
a foreign network that includes a first registration server and 
first and second access hubs and a first inter-working 
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function, a method of handing off a cormection of a first 
mobile and system with the first inter-working function, the 
method comprising steps of: 
initially communicating data frames between the first 
5 mobile end system and the first inter-working function 
through the firm access hub; 
sending a registration request from the first mobile end 
system through a first access point and through the 
second access hub to the first registration server to 
10 re-register the fist mobile end system with the fifth 
registration sever without informing the home registra- 
tion server when the first mobile end system moves and 
re-registers through the second access hub; 
linking the second access hub with the first inter-working 
15 function when the first mobile end system re-registers 
through the second access hub; 
de-linking the first access hub from the first inter-working 
function after the second access hub is linked with the 
first inter-working function 
20 wherein the foreign network further includes a third 
access hub and second and third inter-working func- 
tions; 

the home network further includes a fourth inter-working 
function; 

25 the method further includes a step of initially communi- 
cating data frames between a second mobile end system 
and the fourth inter-working function through the sec- 
ond interworking function; 

the method further includes a step of initially communi- 
eating data frames between the fourth inter-working 
function and a first communications server; 

the method further includes a step of sending a registra- 
tion request from the second mobile end system 
through a second access point and through the third 
access hub and through the first registration server to 
the home registration server to re-register the second 
mobile end system with the home registration server 
without de-linking the foiirth inter-working function 
fi:om the first communications server when the second 
^ mobile end system moves and re-registers through the 
third access hub, the step of sending the registration 
request from the first registration server to the home 
registration server including a sub-step of sending an 
indication of a change from the second inter- working 
function to the third inter-working function; 

the method further includes a step of linking the third 
inter-working function with the fourth inter-working 
function when the second mobile and system 
re-registers through the third access hub; and 

the method further includes a step of de-linking the 
second inter- working function from the fourth inter- 
working function after the third inter-working function 
is linked with the fourth inter-working function, 

22. The method of claim 21, wherein: 

the foreign network is regarded as a first foreign network, 
and the first foreign network further includes a fifth 
inter-working function; 

a second foreign network includes a second registration 
60 server and a fourth access hub and a sixth inter-working 
function; 

the home network further includes a seventh inter- 
working function; 

the method further includes a step of iiutially communi- 
65 eating data frames between a third mobile end system 
and the seventh inter-working function through the fifth 
inter-working functions; 
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the method further includes a step of initially communi- 
cating data frames between the seventh inter-working 
functioD and a second communications server; 

the method further includes a step of sending a registra- 
tion request from the third mobile end system through 5 
a third access point and through the fourth access hub 
and through the second registration server to the home 
registration server to re-register the third mobile end 
system with the home registration server without 
de-linking the seventh inter-working function from the jq 
second communications server when the third mobile 
end system moves and re-registers through the fourth 
access hub; 

the method further includes a step of linking the sixth 
inter-working function with the seventh inter-working 15 
function when the third mobile end system re-registers 
through the fourth access hub; 

and the method further includes a step of de-linking the 
fifth inter-working function from the seventh inter- 
working function after the sixth inter-working function 20 
is linked with the seventh inter-working function. 

23. The method of claim 21, wherein: 

the foreign network is regarded as a first foreign network 
and the first foreign network further includes a fifth 
inter-working function; 25 

a second foreign network incMes a second registration 
server and a fourth access hub and a sixth inter- working 
function; 

the home network further includes seventh and eighth 
inter-working functions; 

the method further includes a step of initially communi- 
cating data frames between a third mobile end system 
and seventh inter-woddng function through the fifth 
inter-working function; 

the method further includes a step of initially communi- 
cating data frames between the seventh inter-working 
function and a second communications server; 

the method further includes a step of sending a registra- 
tion request from the third mobile and system through ^ 
a third access point and through the fourth access hub 
and through she second registration server to the home 
registration server to re -register the third mobile and 
system with the home registration server when the third 
mobile end system moves and re-registers through the 
fourth access hub; 

the method further includes a step of linking the eighth 
inter-working function with the sixth inter-working 
function when the third mobile end system re -registers 
through the fourth access hub; 

the method further includes a step of linking the eighth 
inter-working function with the second communica- 
tions server; 

the method further includes a step of de-linking the 
seventh inter-working function from the second com- 55 
munications server, and 

the method further includes a step of de-linking the 
seventh inter-working function from the fifth inter- 
working function after the eighth inter-working func- 
tion is linked with the sixth inter- working function. 60 

24. In a home network with a home registration server and 
a foreign network that includes a first registration server and 
a first access hub and first and second inter-working 
functions, the home network further including a third inter- 
working function, a method of handing off a connection of 65 
a first mobile end system with a first communications server, 
the method comprising steps of: 
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initially commimicating data frames between the first 
mobile end system and the third intcr-working function 
through the first inter-working function; 

initially commimicating data frames between the third 
inter-working function and the first communications 
, server; 

sending a registration request from the first mobile end 
system through a first access point and through the first 
access hub and through the first registration server to 
the home registration server to re -register the first 
mobile end system with the home registration server 
without de-hoking the third inter-working function 
from the first communications server when the first 
mobile end system moves and re-registers through the 
first access hub, the step of sending the registration 
request from the first registration server to the home 
registration server including a sub-step of sending an 
indication of a change from the first inter-working 
function to the second inter-working function; 
linking the second inter-working function with the third 
inter-working function when the first mobile end sys- 
tem re-registers through the first access hub; and 
de-linking the first inter-working function from the third 
inter-working function after the second inter-working 
function is linked with the third inter-working function. 
25. In a home network with a home registration server and 
a foreign network that includes a first registration server and 
a first access hub and first and second inter-working 
functions, the home network further including a third inter- 
working function, a method of handing off a connection of 
a first mobile end system with a first communications server, 
the method comprising steps of: 
initially communicating data frames between the first 
mobile end system and the third inter-working function 
through the first inter-working function; 
initially communicating data frames between the third 
inter-working function and the first communications 
server; 

sending a registration request from the first mobile end 
system through a first access point and through the first 
access hub and through the first registration server to 
the home registration server to re-register the first 
mobile and system with the home registration server 
without de-linking the third inter-working function 
from the first communications server when the first 
mobile end system moves and re-registers through the 
first access hub, the step of sending the registration 
request from the first registration sever to the home 
registration server including a sub-step of sending an 
indication of a change from the first inter-working 
function to the second inter-working function; 

linking the second inter-working funaion with the third 
inter-working function when the first mobUe end sys- 
tem re-registers through the first access hub; and 
de-linking the first inter-working function from the 
third inter-working function after the second inler- 
working function is linked with the third inter-working 
function; 

wherein the foreign network is regarded as a first foreign 

network and the first foreign network further includes 

fourth inter-working function; 
a second foreign network includes a second registration 

server and a second access hub and a fifth inter-working 

function; 

the home network further includes a sixth inter-worldng 
function; 
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the method further includes a step of initially communi- 
cating data frames between a second mobile end system 
and the sixth inter-working function through the fourth 
inter-working function; 

the method further includes a step of initially communi- ^ 
eating data frames between the sixth inter-working 
function and a second communications server; 

the method further includes a stop of sending a registra- 
tion request from the second mobile end system 
through a second access point and through the second 
access hub and through the second registration server to 
the home registration server to reregister the second 
mobile end system with the home registration server 
without de-linking the sixth inter-working function 
from the second communications server when the sec- 
ond mobile end system moves and re -registers through 
the second access hub; 

the method further includes a step of Unking the fifth 
inter-working function with the sixth inter-working ^ 
function when the second mobile end system 
re -registers through the second access hub; and 

the method further includes a step of de-linking the fourth 
inter-working function from the sixth inter-working 
function after the fifth inter- woricing function is linked 25 
with the sixth inter- working function. 

26. The method of claim 25, wherein: 

the foreign network is regarded as a first foreign network 
and the fist foreign network further includes a fourth 
inter-working function; 30 

a second foreign network includes a second registration 
server and a second access hub and a fifth inter-working 
function; 

the home network further includes sixth and seventh 
inter-working functions; the method further includes a 
step of initially communicating data frames between a 
second mobile end system and the sixth inter-working 
function through the fourth inter-working function; 

the method further includes a step of initially communi- 
cating data frames between ttie sixth inter-working ^ 
function and a second communications server; 

the method further includes a step of sending a registra- 
tion request from the second mobile end system 
through a second access point and through the second 
access hub and through the second registration server to 
the home registration server to re-register the second 
mobile end system with the home registration server 
when the second mobile end system moves and 
re -registers through the second access hub; 

the method further includes a step of linking the fifth 
inter-working function with the seventh inter-working 
function when the second mobile end system 
re-registers through the second access hub; 

the method further includes a step of linking the seventh 55 
inter-working function with the second communica- 
tions server, the method further includes a step of 
de-linking the sixth inter-working function from the 
second communications server; and 

the method further includes a stop of de-linking the sixth 60 
inter-working function from the fourth inter-working 
fiinction after the seventh inter-working function is 
linked with the fifth inter-working function. 

27. In a home network and first and second foreign 
networks, the first foreign network including a first regis- 65 
tration server and a first inter-working function, the second 
foreign network including a second registration server and a 
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first access hub and a second inter-working function, the 
home network including a home registration server and a 
third inter-working function, a method of handing off a 
connection of a first mobile end system with a first com- 
mxmications server, the method comprising steps of: 
initially communicating data frames between a first 

mobile end system and the third inter-working function 

through the first inter-working function; 
initially communicating data frames between the third 

inter-working function and the first communications 

server; 

sending a registration request from the first mobile end 
system through a first access point and through the first 
access hub and through the second registration server to 
the home registration server to re-register the first 
mobile end system with the home registration server 
without de-linking the third inter-working function 
from the first coramtmications server when the first 
mobile end system moves and re-registers through the 
first access hub; 

linking the third inter- working function with the second 
inter-working function when the first mobile end sys- 
tem re-registers through the first access hub; and 

de-linking the third inter-working function from the first 
inter-working function after the third inter-working 
function is linked with the second inter-working func- 
tion, 

28. In a home network and first and second foreign 
networks, the first foreign network including a first regis- 
tration server and a first inter-working function, the second 
foreign network including a second registration server and a 
first access hub and a second inter-working function, the 
home network including a home registration server and third 
and fourth inter-working functions, a method of handing off 
a connection of a first mobile end system with a first 
communications server, the method comprising steps of: 
initially communicating data frames between a first 
mobile end system and the third inter-working function 
through the first inter-working function; 
initially communicating data frames between the third 
inter-working function and the first communications 
server; 

sending a registration request from the first mobile end 
system through a first access point and through the first 
access hub and through the second registration server to 
the home registration server to re-rcgister the first 
mobile end system with the home registration server 
when the first mobile end system moves and 
re-rcgisters through the first access hub; 

linking the fourth inter-working function with the second 
inter-working function when the first mobile end sys- 
tem re-registers through the first access hub; 

linking the fourth inter-working function with the first 
communications server; 

de-linking the third inter-working function from the first 
commtmications server when the fourth inter-working 
function is finked with the first communications server; 
and 

de-linking the third inter-working fimction from the first 
inter-working function after the fourth inter-working 
function is linked with the second inter-working func- 
tion. 

♦ » * * * 
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